About This Study Plan
This 90 days study plan breaks the CYBEROPS (CyberOps Associate) exam preparation into 3 focused study sessions with a total of 7 actionable tasks. The plan covers all 5 exam domains — Security Concepts, Security Monitoring, Host-Based Analysis, Network Intrusion Analysis, Security Policies and Procedures — ensuring complete coverage of the exam blueprint. Comprehensive plan for security beginners. Includes hands-on labs and builds from networking basics to SOC-level analysis skills.
Prerequisites
- No prior security experience required
- Basic computer literacy
- 1–2 hours per day
Study Schedule
- Weeks 1–2: TCP/IP networking, OSI model, common protocols and ports
- Weeks 3–4: Security concepts, CIA triad, attack types, cryptography basics
- Weeks 5–6: Wireshark packet analysis, syslog, SNMP, NetFlow labs
- Weeks 7–8: Host-based analysis, Windows/Linux forensics, malware investigation
- Week 9: Network intrusion analysis, IDS/IPS, Snort rules
- Week 10: Incident response, SOC operations, MITRE ATT&CK
- Weeks 11–12: Practice exams, review, flashcards, weak area focus
Study Tips
Install Wireshark and practice with sample PCAP files from malware-traffic-analysis.net.
Study in a lab environment — TryHackMe and Hack The Box have free cybersecurity exercises.
The exam tests analysis skills, not just memorization — practice interpreting data.
Recommended Cisco Study Resources
Supplement this study plan with Cisco's official cert guides (published by Cisco Press) and free Packet Tracer labs. The Cisco Learning Network community forums are valuable for discussing exam topics with other candidates and CCIEs. Allocate at least 30% of your study time to hands-on lab practice — configuring, troubleshooting, and verifying are skills that can only be built through repetition.
Ready to Practice?
Put your study plan into action with CYBEROPS practice questions.