Understanding Cisco Cybersecurity Fundamentals (SECFND)

Our classes are always live and instructor led from our Exton, PA or EPIC Partner locations. Springhouse AnywhereLive options require Internet Access. Select classes are Guaranteed to Run (GTR). View our complete schedule policies.





cd6e4e87-84e6-e711-8b1b-00155d0a14062018-05-14T08:00:00Z3595.000000000001510:00 AM6:00 PMExtoncd6e4e87-84e6-e711-8b1b-00155d0a1406


The Understanding Cisco Cybersecurity Fundamentals (SECFND) v1.0 course will provide you with an understanding of network infrastructure devices, operations and vulnerabilities of the TCP/IP protocol suite, basic information security concepts, common network application operations and attacks, the Windows and Linux operating systems, and the types of data that are used to investigate security incidents.

After completing this course, you will have basic knowledge that is required to perform the job role of an entry-level cybersecurity analyst in a threat-centric security operations center.

Intended Audience

This course is intended for students who have general knowledge about:

  • Security Operations Center – Security Analyst
  • Computer/Network Defense Analysts
  • Computer Network Defense Infrastructure Support Personnel
  • Future Incident Responders and Security Operations Center (SOC) personnel.
  • Students beginning a career, entering the cybersecurity field.
  • Cisco Channel Partners

At Completion

​After completion of this course, students will be able to...

  • Describe, compare and identify various network concepts
  • Fundamentals of TCP/IP
  • Describe and compare fundamental security concepts
  • Describe network applications and the security challenges
  • Understand basic cryptography principles.
  • Understand endpoint attacks, including interpreting log data to identify events in Windows and Linux
  • Develop knowledge in security monitoring, including identifying sources and types of data and events
  • Know various attack methods, security weaknesses, evasion methods, and remote versus local exploits


​To fully benefit from this course, students should have the following prerequisite skills and knowledge:

  • Cisco certification (Cisco CCENT certification or higher)
  • Relevant industry certification [(ISC)2, CompTIA Security+, EC-Council, GIAC, ISACA]
  • Cisco Networking Academy letter of completion (CCNA 1 and CCNA 2)
  • Windows expertise: Microsoft (Microsoft Specialist, MCSA, MCSE), CompTIA (A+, Network+, Server+)
  • Linux expertise: CompTIA (Linux+), Linux Professional Institute (LPI) certification, Linux Foundation (LFCS, LFCE), Red Hat (RHCSA, RHCE, RHCA), Oracle Linux (OCA, OCP)

Exams & Certifications


Course Outline

Module 1: TCP/IP and Cryptography Concepts

Lesson 1: Understanding the TCP/IP Protocol Suite

  • OSI Model
  • TCP/IP Model
  • Introduction to the Internet Protocol
  • IP Addressing
  • IP Address Classes
  • Reserved IP Addresses
  • Public and Private IP Addresses
  • IPv6 Addresses
  • Introduction to the Transmission Control Protocol
  • TCP Three-Way Handshake
  • Introduction to the User Datagram Protocol
  • TCP and UDP Ports
  • Address Resolution Protocol
  • Host-to-Host Packet Delivery Using TCP
  • Dynamic Host Configuration Protocol
  • Domain Name System
  • Internet Control Message Protocol
  • Packet Capture Using tcpdump
  • Wireshark

Lesson 2: Understanding the Network Infrastructure

  • Analyzing DHCP Operations
  • IP Subnetting
  • Hubs, Bridges, and Layer 2 Switches
  • VLANs and Trunks
  • Spanning Tree Protocols
  • Standalone (Autonomous) and Lightweight Access Points
  • Routers
  • Routing Protocols
  • Multilayer Switches
  • NAT Fundamentals
  • Packet Filtering with ACLs
  • ACLs with the Established Option

Lesson 3: Understanding Common TCP/IP Attacks

  • Legacy TCP/IP Vulnerabilities
  • IP Vulnerabilities
  • ICMP Vulnerabilities
  • TCP Vulnerabilities
  • UDP Vulnerabilities
  • Attack Surface and Attack Vectors
  • Reconnaissance Attacks
  • Access Attacks
  • Man-in-the-Middle (MITM) Attacks
  • Denial of Service and Distributed Denial of Service
  • Reflection and Amplification Attacks
  • Spoofing Attacks
  • DHCP Attacks

Lesson 4: Understanding Basic Cryptography Concepts

  • Impact of Cryptography on Security Investigations
  • Cryptography Overview
  • Hash Algorithms
  • Encryption Overview
  • Cryptanalysis
  • Symmetric Encryption Algorithms
  • Asymmetric Encryption Algorithms
  • Diffie-Hellman Key Agreement
  • Use Case: SSH
  • Digital Signatures
  • PKI Overview
  • PKI Operations
  • Use Case: SSL/TLS
  • Cipher Suite
  • Key Management
  • NSA Suite B


Module 2: Network Applications and Endpoint Security

Lesson 1: Describing Information Security Concepts

  • Information Security Confidentiality, Integrity, and Availability
  • Personally Identifiable Information
  • Risk
  • Vulnerability Assessment
  • CVSS v3.0
  • Access Control Models
  • Regulatory Compliance
  • Information Security Management
  • Security Operations Center

Lesson 2: Understanding Network Applications

  • DNS Operations
  • Recursive DNS Query
  • Dynamic DNS
  • HTTP Operations
  • HTTPS Operations
  • Web Scripting
  • SQL Operations
  • SMTP Operations

Lesson 3: Understanding Common Network Application Attacks

  • Password Attacks
  • Pass-the-Hash Attacks
  • DNS-Based Attacks
  • DNS Tunneling
  • Web-Based Attacks
  • Malicious iFrames
  • HTTP 302 Cushioning
  • Domain Shadowing
  • Command Injections
  • SQL Injections
  • Cross-Site Scripting and Request Forgery
  • Email-Based Attacks

Lesson 4: Understanding Windows Operating System Basics

  • Windows Operating System History
  • Windows Operating System Architecture
  • Windows Processes, Threads, and Handles
  • Windows Virtual Memory Address Space
  • Windows Services
  • Windows File System Overview
  • Windows File System Structure
  • Windows Domains and Local User Accounts
  • Windows Graphical User Interface
  • Run as Administrator
  • Windows Command Line Interface 
  • Windows PowerShell
  • Windows net Command
  • Controlling Startup Services and Executing System Shutdown
  • Controlling Services and Processes
  • Monitoring System Resources
  • Windows Boot Process
  • Windows Networking
  • Windows netstat Command
  • Accessing Network Resources with Windows
  • Windows Registry
  • Windows Event Logs
  • Windows Management Instrumentation
  • Common Windows Server Functions
  • Common Third-Party Tools

Lesson 5: Understanding Linux Operating System Basics

  • History and Benefits of Linux
  • Linux Architecture
  • Linux File System Overview
  • Basic File System Navigation and Management Commands
  • File Properties and Permissions
  • Editing File Properties
  • Root and Sudo
  • Disks and File Systems
  • System Initialization
  • Emergency/Alternate Startup Options
  • Shutting Down the System
  • System Processes
  • Interacting with Linux
  • Linux Command Shell Concepts
  • Piping Command Output
  • Other Useful Command Line Tools
  • Overview of Secure Shell Protoco
  • Networking
  • Managing Services in SysV Environments
  • Viewing Running Network Services
  • Name Resolution: DNS
  • Testing Name Resolution
  • Viewing Network Traffic
  • System Logs
  • Configuring Remote syslog 
  • Running Software on Linux
  • Executables vs. Interpreters
  • Using Package Managers to Install Software in Linux
  • System Applications
  • Lightweight Directory Access Protocol

Lesson 6: Understanding Common Endpoint Attacks

  • Classify Attacks, Exploits, and Vulnerabilities
  • Buffer Overflow
  • Malware
  • Reconnaissance
  • Gaining Access and Control
  • Gaining Access via Social Engineering
  • Social Engineering Example: Phishing
  • Gaining Access Via Web-Based Attacks
  • Exploit Kits
  • Rootkits
  • Privilege Escalation
  • Pivoting
  • Post-Exploitation Tools Examples
  • Exploit Kit Example: Angler

Lesson 7: Understanding Network Security Technologies

  • Defense-in-Depth Strategy
  • Defend Across the Attack Continuum
  • Authentication, Authorization, and Accounting
  • Identity and Access Management
  • Stateful Firewall
  • Network Taps
  • Switched Port Analyzer
  • Remote Switched Port Analyzer
  • Intrusion Prevention System
  • IPS Evasion Techniques
  • Snort Rules
  • VPNs
  • Email Content Security
  • Web Content Security
  • DNS Security
  • Network-Based Malware Protection
  • Next Generation Firewall
  • Security Intelligence
  • Threat Analytic Systems
  • Network Security Device Form Factors
  • Security Onion Overview
  • Security Tools Reference

Lesson 8: Understanding Endpoint Security Technologies

  • Host-Based Personal Firewall
  • Host-Based Anti-Virus
  • Host-Based Intrusion Prevention System
  • Application Whitelists and Blacklists
  • Host-Based Malware Protection
  • Sandboxing
  • File Integrity Checking


Module 3: Security Monitoring and Analysis

Lesson 1: Describing Security Data Collection

  • Network Security Monitoring Placement
  • Network Security Monitoring Data Types
  • Intrusion Prevention System Alerts
  • True/False, Positive/Negative IPS Alerts
  • IPS Alerts Analysis Process
  • Firewall Log
  • DNS Log
  • Web Proxy Log
  • Email Proxy Log
  • AAA Server Log
  • Next Generation Firewall Log
  • Applications Log
  • Packet Captures
  • NetFlow
  • Network Behavior Anomaly Detection
  • Data Loss Detection Using Netflow Example
  • Security Information and Event Management Systems

Lesson 2: Describing Security Event Analysis

  • Cyber Kill Chain
  • Advanced Persistent Threats
  • Diamond Model for Intrusion Analysis
  • Cybersecurity Threat Models Summary
  • SOC Runbook Automation
  • Malware Reverse Engineering 
  • Chain of Custody
  • Challenge



  • Guided Lab 1: Explore the TCP/IP Protocol Suite
  • Guided Lab 2: Explore the Network Infrastructure
  • Guided Lab 3: Explore TCP/IP Attacks
  • Guided Lab 4: Explore Cryptographic Technologies
  • Guided Lab 5: Explore Network Applications
  • Guided Lab 6: Explore Network Application Attacks
  • Guided Lab 7: Explore the Windows Operating System
  • Guided Lab 8: Explore the Linux Operating System
  • Guided Lab 9: Explore Endpoint Attacks
  • Guided Lab 10: Explore Network Security Technologies
  • Guided Lab 11: Explore Endpoint Security
  • Guided Lab 12: Explore Security Data for Analysis



Understanding Cisco Cybersecurity Fundamentals (SECFND)http://springhouse.com/course-catalog/SECFNDUnderstanding Cisco Cybersecurity Fundamentals (SECFND)

Get More Information




Help us prove you're not a robot:

 ‭(Hidden)‬ Catalog-Item Reuse

Microsoft Gold Partner


AXELOS Limited

The Microsoft Gold CPLS logo is a mark of Microsoft, Inc.

The PMI R.E.P. logo is a mark of the Project Management Institute, Inc.

ITIL® is a registered trade mark of AXELOS Limited.
IT Infrastructure Library® is a registered trade mark of AXELOS Limited
The Swirl logo™ is a registered trade mark of AXELOS Limited
Accredited course material is property of ITSM Academy.

Connect with us

Springhouse Education & Consulting Services

Corporate HQ:Eagleview Corporate Park
707 Eagleview Boulevard
Suite 207
Exton, PA 19341

610-321-3500 - info@springhouse.com