Thursday, January 26, 2023

Cisco Certified Support Technician Cybersecurity and Networking


Hey everyone, how's it going?

In the last few days Cisco announced 2 new entry-level certifications, the CCST (Cisco Certified Support Technician) Cybersecurity and the CCST Networking. The Cybersec one will be available on March 1st and the second one starting in April of this year.



It is one more attempt by Cisco to enter the market of certifications for technical support and service desk for beginners. The exams will cost $125 and the Cybersecurity path is already available on Netacademy (https://skillsforall.com/career-path/cybersecurity?userLang=en-US); the Networking one will be added by April.

Below is the official blueprint for each exam:


Exam Topics for the CCST Cybersecurity exam:

1.0 Essential Security Principles

1.1. Define essential security principles

Vulnerabilities, threats, exploits, and risks; attack vectors; hardening; defense-in-depth; confidentiality, integrity, and availability (CIA); types of attackers; reasons for attacks; code of ethics

1.2. Explain common threats and vulnerabilities

Malware, ransomware, denial of service, botnets, social engineering attacks (tailgating, spear phishing, phishing, vishing, smishing, etc.), physical attacks, man in the middle, IoT vulnerabilities, insider threats, Advanced Persistent Threat (APT)

1.3. Explain access management principles

Authentication, authorization, and accounting (AAA); RADIUS; multifactor authentication (MFA); password policies

1.4. Explain encryption methods and applications

Types of encryption, hashing, certificates, public key infrastructure (PKI); strong vs. weak encryption algorithms; states of data and appropriate encryption (data in transit, data at rest, data in use); protocols that use encryption


2.0 Basic Network Security Concepts

2.1. Describe TCP/IP protocol vulnerabilities

TCP, UDP, HTTP, ARP, ICMP, DHCP, DNS

2.2. Explain how network addresses impact network security

IPv4 and IPv6 addresses, MAC addresses, network segmentation, CIDR notation, NAT, public vs. private networks

2.3. Describe network infrastructure and technologies

Network security architecture, DMZ, virtualization, cloud, honeypot, proxy server, IDS, IPS

2.4. Set up a secure wireless SoHo network

MAC address filtering, encryption standards and protocols, SSID

2.5. Implement secure access technologies

ACL, firewall, VPN, NAC


3.0 Endpoint Security Concepts

3.1. Describe operating system security concepts

Windows, macOS, and Linux; security features, including Windows Defender and host-based firewalls; CLI and PowerShell; file and directory permissions; privilege escalation

3.2. Demonstrate familiarity with appropriate endpoint tools that gather security assessment information

netstat, nslookup, tcpdump

3.3. Verify that endpoint systems meet security policies and standards

Hardware inventory (asset management), software inventory, program deployment, data backups, regulatory compliance (PCI DSS, HIPAA, GDPR), BYOD (device management, data encryption, app distribution, configuration management)

3.4. Implement software and hardware updates

Windows Update, application updates, device drivers, firmware, patching

3.5. Interpret system logs

Event Viewer, audit logs, system and application logs, syslog, identification of anomalies

3.6. Demonstrate familiarity with malware removal

Scanning systems, reviewing scan logs, malware remediation


4.0 Vulnerability Assessment and Risk Management

4.1. Explain vulnerability management

Vulnerability identification, management, and mitigation; active and passive reconnaissance; testing (port scanning, automation)

4.2. Use threat intelligence techniques to identify potential network vulnerabilities

Uses and limitations of vulnerability databases; industry-standard tools used to assess vulnerabilities and make recommendations, policies, and reports; Common Vulnerabilities and Exposures (CVEs), cybersecurity reports, cybersecurity news, subscription services, and collective intelligence; ad hoc and automated threat intelligence; the importance of updating documentation and other forms of communication proactively before, during, and after cybersecurity incidents; how to secure, share and update documentation

4.3. Explain risk management

Vulnerability vs. risk, ranking risks, approaches to risk management, risk mitigation strategies, levels of risk (low, medium, high, extremely high), risks associated with specific types of data and data classifications, security assessments of IT systems (information security, change management, computer operations, information assurance)

4.4. Explain the importance of disaster recovery and business continuity planning

Natural and human-caused disasters, features of disaster recovery plans (DRP) and business continuity plans (BCP), backup, disaster recovery controls (detective, preventive, and corrective)


5.0 Incident Handling

5.1. Monitor security events and know when escalation is required

Role of SIEM and SOAR, monitoring network data to identify security incidents (packet captures, various log file entries, etc.), identifying suspicious events as they occur

5.2. Explain digital forensics and attack attribution processes

Cyber Kill Chain, MITRE ATT&CK Matrix, and Diamond Model; Tactics, Techniques, and Procedures (TTP); sources of evidence (artifacts); evidence handling (preserving digital evidence, chain of custody)

5.3. Explain the impact of compliance frameworks on incident handling

Compliance frameworks (GDPR, HIPAA, PCI-DSS, FERPA, FISMA), reporting and notification requirements

5.4. Describe the elements of cybersecurity incident response

Policy, plan, and procedure elements; incident response lifecycle stages (NIST Special Publication 800-61 sections 2.3, 3.1-3.4)


CCST Cybersecurity blueprint link:

https://learningnetwork.cisco.com/s/ccst-cybersecurity-exam-topics


Exam Topics for the CCST Networking exam:

1.0 Standards and Concepts

1.1. Identify the fundamental conceptual building blocks of networks.

TCP/IP model, OSI model, frames and packets, addressing

1.2. Differentiate between bandwidth and throughput.

Latency, delay, speed test vs. Iperf

1.3. Differentiate between LAN, WAN, MAN, CAN, PAN, and WLAN.

Identify and illustrate common physical and logical network topologies.

1.4. Compare and contrast cloud and on-premises applications and services.

Public, private, hybrid, SaaS, PaaS, IaaS, remote work/hybrid work

1.5. Describe common network applications and protocols.

TCP vs. UDP (connection-oriented vs. connectionless), FTP, SFTP, TFTP, HTTP, HTTPS, DHCP, DNS, ICMP, NTP


2.0 Addressing and Subnet Formats

2.1. Compare and contrast private addresses and public addresses.

Address classes, NAT concepts

2.2. Identify IPv4 addresses and subnet formats.

Subnet concepts, Subnet Calculator, slash notation, and subnet mask; broadcast domain

2.3. Identify IPv6 addresses and prefix formats.

Types of addresses, prefix concepts


3.0 Endpoints and Media Types

3.1. Identify cables and connectors commonly used in local area networks.

Cable types: fiber, copper, twisted pair; Connector types: coax, RJ-45, RJ-11, fiber connector types

3.2. Differentiate between Wi-Fi, cellular, and wired network technologies.

Copper, including sources of interference; fiber; wireless, including 802.11 (unlicensed, 2.4GHz, 5GHz, 6GHz), cellular (licensed), sources of interference

3.3. Describe endpoint devices.

Internet of Things (IoT) devices, computers, mobile devices, IP Phone, printer, server

3.4. Demonstrate how to set up and check network connectivity on Windows, Linux, Mac OS, Android, and Apple iOS.

Networking utilities on Windows, Linux, Android, and Apple operating systems; how to run troubleshooting commands; wireless client settings (SSID, authentication, WPA mode)


4.0 Infrastructure

4.1. Identify the status lights on a Cisco device when given instruction by an engineer.

Link light color and status (blinking or solid)

4.2. Use a network diagram provided by an engineer to attach the appropriate cables.

Patch cables, switches and routers, small topologies, power, rack layout

4.3. Identify the various ports on network devices.

Console port, serial port, fiber port, Ethernet ports, SFPs, USB port, PoE

4.4. Explain basic routing concepts.

Default gateway, layer 2 vs. layer 3 switches, local network vs. remote network

4.5. Explain basic switching concepts.

MAC address tables, MAC address filtering, VLAN


5.0 Diagnosing Problems

5.1. Demonstrate effective troubleshooting methodologies and help desk best practices, including ticketing, documentation, and information gathering.

Policies and procedures, accurate and complete documentation, prioritization

5.2. Perform a packet capture with Wireshark and save it to a file.

Purpose of using a packet analyzer, saving and opening a .pcap file

5.3. Run basic diagnostic commands and interpret the results.

ping, ipconfig/ifconfig/ip, tracert/traceroute, nslookup; recognize how firewalls can influence the result

5.4. Differentiate between different ways to access and collect data about network devices.

Remote access (RDP, SSH, telnet), VPN, terminal emulators, Console, Network Management Systems, cloud-managed network (Meraki), scripts

5.5. Run basic show commands on a Cisco network device.

show run, show cdp neighbors, show ip interface brief, show ip route, show version, show inventory, show switch, show mac address-table, show interface, show interface x, show interface status; privilege levels; command help and auto-complete


6.0 Security

6.1. Describe how firewalls operate to filter traffic.

Firewalls (blocked ports and protocols); rules deny or permit access

6.2. Describe foundational security concepts.

Confidentiality, integrity, and availability (CIA); authentication, authorization, and accounting (AAA); Multifactor Authentication (MFA); encryption, certificates, and password complexity; identity stores/databases (Active Directory); threats and vulnerabilities; spam, phishing, malware, and denial of service

6.3. Configure basic wireless security on a home router (WPAx).

WPA, WPA2, WPA3; choosing between Personal and Enterprise; wireless security concepts

Link to the blueprint:

https://learningnetwork.cisco.com/s/ccst-networking-exam-topics


Link to the original post:

https://www.cisco.com/c/en/us/training-events/training-certifications/certifications/entry/ccst-certifications.html#~ccst-certifications


I believe these two new certifications are aimed at emerging markets (India, China, Latam, etc.) where labor is cheaper and not as qualified. I don't believe either certification will be successful in Brazil, given that between them and the CCNA 99% of people will prefer to go straight to the CCNA; we will only find CCST-certified people when the company sponsors it or if some kind of public tender calls for it.

Cheers, everyone

2 comments:

  1. Hey Diego, how's it going, man? Brother, so you don't think it's that worthwhile to study to try to get these certifications?? Thanks!!

    Replies
    1. Hey, brother. It's definitely worth getting this CCST certification. I'm studying and the content is very good and valuable. The preparatory track even covers topics in depth. I recently got in touch with some people on LinkedIn who hold this certification and they told me it's worth investing in the certification and studying, especially because most professionals today don't even have a certification and this is a Cisco certification, so in my opinion it's well worth the investment (which isn't even that high).
