quinta-feira, 26 de janeiro de 2023

Cisco Certified Support Technician Cybersecurity e Networking


Fala galera beleza?

A Cisco anunciou nos últimos dias 2 novas certificações de nível de entrada, o CCST (Cisco Certified Support Technician) Cybersecurity e o CCST Networking que estarão disponíveis em 1º de Março para a de Cybersec e a segunda a partir de Abril deste ano:



É mais uma tentativa da Cisco de entrar no mercado das certificações para suporte técnico e service desk para iniciantes, as provas custarão $125 dólares e o path de Cybersecurity já está disponível no Netacademy (https://skillsforall.com/career-path/cybersecurity?userLang=en-US), o de Networking será  adicionado até Abril.

Segue o blueprint oficial de cada prova:


Exam Topics para a prova CCST Cybersecurity:

1.0 Essential Security Principles

 1.1. Define essential security principles

Vulnerabilities, threats, exploits, and risks; attack vectors; hardening; defense-in-depth; confidentiality, integrity, and availability (CIA); types of attackers; reasons for attacks; code of ethics

1.2. Explain common threats and vulnerabilities

Malware, ransomware, denial of service, botnets, social engineering attacks (tailgating, spear phishing, phishing, vishing, smishing, etc.), physical attacks, man in the middle, IoT vulnerabilities, insider threats, Advanced Persistent Threat (APT)

1.3. Explain access management principles

Authentication, authorization, and accounting (AAA); RADIUS; multifactor authentication (MFA); password policies

1.4. Explain encryption methods and applications

Types of encryption, hashing, certificates, public key infrastructure (PKI); strong vs. weak encryption algorithms; states of data and appropriate encryption (data in transit, data at rest, data in use); protocols that use encryption


2.0 Basic Network Security Concepts

2.1. Describe TCP/IP protocol vulnerabilities

TCP, UDP, HTTP, ARP, ICMP, DHCP, DNS

2.2. Explain how network addresses impact network security

IPv4 and IPv6 addresses, MAC addresses, network segmentation, CIDR notation, NAT, public vs. private networks

2.3. Describe network infrastructure and technologies

Network security architecture, DMZ, virtualization, cloud, honeypot, proxy server, IDS, IPS

2.4. Set up a secure wireless SoHo network

MAC address filtering, encryption standards and protocols, SSID

2.5. Implement secure access technologies

ACL, firewall, VPN, NAC


3.0 Endpoint Security Concepts

3.1. Describe operating system security concepts

Windows, macOS, and Linux; security features, including Windows Defender and host-based firewalls; CLI and PowerShell; file and directory permissions; privilege escalation

3.2. Demonstrate familiarity with appropriate endpoint tools that gather security assessment information

netstat, nslookup, tcpdump

3.3. Verify that endpoint systems meet security policies and standards

Hardware inventory (asset management), software inventory, program deployment, data backups, regulatory compliance (PCI DSS, HIPAA, GDPR), BYOD (device management, data encryption, app distribution, configuration management)

3.4. Implement software and hardware updates

Windows Update, application updates, device drivers, firmware, patching

3.5. Interpret system logs

Event Viewer, audit logs, system and application logs, syslog, identification of anomalies

3.6. Demonstrate familiarity with malware removal

Scanning systems, reviewing scan logs, malware remediation


4.0 Vulnerability Assessment and Risk Management

4.1. Explain vulnerability management

Vulnerability identification, management, and mitigation; active and passive reconnaissance; testing (port scanning, automation)

4.2. Use threat intelligence techniques to identify potential network vulnerabilities

Uses and limitations of vulnerability databases; industry-standard tools used to assess vulnerabilities and make recommendations, policies, and reports; Common Vulnerabilities and Exposures (CVEs), cybersecurity reports, cybersecurity news, subscription services, and collective intelligence; ad hoc and automated threat intelligence; the importance of updating documentation and other forms of communication proactively before, during, and after cybersecurity incidents; how to secure, share and update documentation

4.3. Explain risk management

Vulnerability vs. risk, ranking risks, approaches to risk management, risk mitigation strategies, levels of risk (low, medium, high, extremely high), risks associated with specific types of data and data classifications, security assessments of IT systems (information security, change management, computer operations, information assurance)

4.4. Explain the importance of disaster recovery and business continuity planning

Natural and human-caused disasters, features of disaster recovery plans (DRP) and business continuity plans (BCP), backup, disaster recovery controls (detective, preventive, and corrective)


5.0 Incident Handling

5.1. Monitor security events and know when escalation is required

Role of SIEM and SOAR, monitoring network data to identify security incidents (packet captures, various log file entries, etc.), identifying suspicious events as they occur

5.2. Explain digital forensics and attack attribution processes

Cyber Kill Chain, MITRE ATT&CK Matrix, and Diamond Model; Tactics, Techniques, and Procedures (TTP); sources of evidence (artifacts); evidence handling (preserving digital evidence, chain of custody)

5.3. Explain the impact of compliance frameworks on incident handling

Compliance frameworks (GDPR, HIPAA, PCI-DSS, FERPA, FISMA), reporting and notification requirements

5.4. Describe the elements of cybersecurity incident response

Policy, plan, and procedure elements; incident response lifecycle stages (NIST Special Publication 800-61 sections 2.3, 3.1-3.4


Link Blueprint CCST Cybersecurity

https://learningnetwork.cisco.com/s/ccst-cybersecurity-exam-topics


Exam Topics para a prova CCST Networking:

1.0 Standards and Concepts

1.1. Identify the fundamental conceptual building blocks of networks.

TCP/IP model, OSI model, frames and packets, addressing

1.2. Differentiate between bandwidth and throughput.

Latency, delay, speed test vs. Iperf

1.3. Differentiate between LAN, WAN, MAN, CAN, PAN, and WLAN.

Identify and illustrate common physical and logical network topologies.

1.4. Compare and contrast cloud and on-premises applications and services.

Public, private, hybrid, SaaS, PaaS, IaaS, remote work/hybrid work

1.5. Describe common network applications and protocols.

TCP vs. UDP (connection-oriented vs. connectionless), FTP, SFTP, TFTP, HTTP, HTTPS, DHCP, DNS, ICMP, NTP


2.0 Addressing and Subnet Formats

2.1. Compare and contrast private addresses and public addresses.

Address classes, NAT concepts

2.2. Identify IPv4 addresses and subnet formats.

Subnet concepts, Subnet Calculator, slash notation, and subnet mask; broadcast domain

2.3. Identify IPv6 addresses and prefix formats.

Types of addresses, prefix concepts


3.0 Endpoints and Media Types

3.1. Identify cables and connectors commonly used in local area networks.

Cable types: fiber, copper, twisted pair; Connector types: coax, RJ-45, RJ-11, fiber connector types

3.2. Differentiate between Wi-Fi, cellular, and wired network technologies.

Copper, including sources of interference; fiber; wireless, including 802.11 (unlicensed, 2.4GHz, 5GHz, 6GHz), cellular (licensed), sources of interference

3.3. Describe endpoint devices.

Internet of Things (IoT) devices, computers, mobile devices, IP Phone, printer, server

3.4. Demonstrate how to set up and check network connectivity on Windows, Linux, Mac OS, Android, and Apple iOS.

Networking utilities on Windows, Linux, Android, and Apple operating systems; how to run troubleshooting commands; wireless client settings (SSID, authentication, WPA mode)


4.0 Infraestructure

4.1. Identify the status lights on a Cisco device when given instruction by an engineer.

Link light color and status (blinking or solid)

4.2. Use a network diagram provided by an engineer to attach the appropriate cables.

Patch cables, switches and routers, small topologies, power, rack layout

4.3. Identify the various ports on network devices.

Console port, serial port, fiber port, Ethernet ports, SFPs, USB port, PoE

4.4. Explain basic routing concepts.

Default gateway, layer 2 vs. layer 3 switches, local network vs. remote network

4.5. Explain basic switching concepts.

MAC address tables, MAC address filtering, VLAN


5.0 Diagnosing Problems

5.1. Demonstrate effective troubleshooting methodologies and help desk best practices, including ticketing, documentation, and information gathering.

Policies and procedures, accurate and complete documentation, prioritization

5.2. Perform a packet capture with Wireshark and save it to a file.

Purpose of using a packet analyzer, saving and opening a .pcap file

5.3. Run basic diagnostic commands and interpret the results.

ping, ipconfig/ifconfig/ip, tracert/traceroute, nslookup; recognize how firewalls can influence the result

5.4. Differentiate between different ways to access and collect data about network devices.

Remote access (RDP, SSH, telnet), VPN, terminal emulators, Console, Network Management Systems, cloud-managed network (Meraki), scripts

5.5. Run basic show commands on a Cisco network device.

show run, show cdp neighbors, show ip interface brief, show ip route, show version, show inventory, show switch, show mac address-table, show interface, show interface x, show interface status; privilege levels; command help and auto-complete


6.0 Security

6.1. Describe how firewalls operate to filter traffic.

Firewalls (blocked ports and protocols); rules deny or permit access

6.2. Describe foundational security concepts.

Confidentiality, integrity, and availability (CIA); authentication, authorization, and accounting (AAA); Multifactor Authentication (MFA); encryption, certificates, and password complexity; identity stores/databases (Active Directory); threats and vulnerabilities; spam, phishing, malware, and denial of service

6.3. Configure basic wireless security on a home router (WPAx).

WPA, WPA2, WPA3; choosing between Personal and Enterprise; wireless security concepts

Link para o blueprint:

https://learningnetwork.cisco.com/s/ccst-networking-exam-topics


Link da postagem original:

https://www.cisco.com/c/en/us/training-events/training-certifications/certifications/entry/ccst-certifications.html#~ccst-certifications


Acredito que essas duas novas certificações tem como público alvo os mercados emergentes (India, China, Latam etc) em que a mão de obra é mais barata e não possuí tanta qualificação, não acredito que ambas as certificações irão fazer sucesso no Brasil tendo em vista que entre ambas e o CCNA 99% das pessoas irão preferir ir direto pro CCNA, só encontraremos pessoas certificadas no CCST quando a empresa patrocinar ou se rolar algum tipo de edital.

Abraços pessoal

Um comentário:

  1. Fala Diego, beleza cara? Irmão, então você não acha tão viável estudar para tentar tirar essas certificações?? Obrigado!!

    ResponderExcluir