Live Cisco CBRTHD Training Course

Guaranteed to Run

Upcoming Dates	Class Times	Class Format	Quote
8/3 - 8/7, 2026	10:00 AM - 6:00 PM ET 9:00 AM - 5:00 PM CT 7:00 AM - 3:00 PM PT 4:00 AM - 12:00 PM HT	Instructor-Led	Instant Quote
12/7 - 12/11, 2026	10:00 AM - 6:00 PM ET 9:00 AM - 5:00 PM CT 7:00 AM - 3:00 PM PT 4:00 AM - 12:00 PM HT	Instructor-Led	Instant Quote
	Self-Paced	Online Self-Study	Instant Quote

Watch a Live Class in Progress and save $250 on your next course.

See what makes CED Solutions the best choice for your IT Training.

• Ask Questions
• Talk with the Instructor
• Join Class discussions

This is a live class in progress - please mute your microphone and be respectful of the students attending.

Instructor-Led

• Cisco Official Courseware
• Cisco Official Labs
• Lifetime access to Courseware
• Practice and Certification exam(s) (with exam pass guarantee)

If you aren't successful with your first attempt at the exam, we have an exam pass guarantee.

You may re-sit the course in its entirety for an additional exam voucher for up to 6 months (must provide proof of a failed exam for an additional exam voucher).

Instant Quote

Online Self-Study

Instant Quote

Can't travel or you want to stay with your family or business. No problem!

Stay in your own city and save the additional expenses of roundtrip airfare, lodging, transportation, and meals and receive the same great instruction live from our instructors in our Live Instructor-Led Remote Classroom Training.

Remote Classroom Training

Our Remote Classroom Training is a live class with students observing the instructor and listening through your computer speakers.

You will see the instructor's computer, slides, notes, etc., just like in the classroom. You will be following along, doing work, labs, and individual assignments.

CED Solutions Rewards Points Program

"The instructor was very informative. He led us through great group discussions and was always helpful with any questions we had. CED Solutions was a great school to attend. Thank you CED Solutions!"

-Dominic Esqulbel, Denver, CO

The Conducting Threat Hunting and Defending using Cisco Technologies for CyberOps (CBRTHD) training is a Cisco threat hunting training that introduces and guides you to a proactive security search through networks, endpoints, and datasets to hunt for malicious, suspicious, and risky activities that may have evaded detection by existing tools. In this training, you will learn the core concepts, methods, and processes used in threat hunting investigations. This training provides an environment for attack simulation and threat hunting skill development using a wide array of security products and platforms from Cisco and third-party vendors.

This training prepares you for the 300-220 CBRTHD exam. If passed, you earn the Cisco Certified Specialist - Threat Hunting and Defending certification and satisfy the concentration exam requirement for the Cisco Certified CyberOps Professional certification.

This training also earns you 40 credits towards recertification.

Who Should Attend

• Security Operations Center staff
• Security Operations Center (SOC) Tier 2 Analysts
• Threat Hunters
• Cyber Threat Analysts
• Threat Managers
• Risk Managements

How You'll Benefit

This training will help you:

• Learn how to perform a proactive security search through networks, endpoints, and datasets to hunt for malicious, suspicious, and risky activities that may have evaded detection by existing tools
• Gain leading-edge career skills focused on cybersecurity
• Prepare for the 300-220 CBRTHD v1.0 exam
• Earn 40 CE credits toward recertification

Course Objectives

• Define threat hunting and identify core concepts used to conduct threat hunting investigations
• Examine threat hunting investigation concepts, frameworks, and threat models
• Define cyber threat hunting process fundamentals
• Define threat hunting methodologies and procedures
• Describe network-based threat hunting
• Identify and review endpoint-based threat hunting
• Identify and review endpoint memory-based threats and develop endpoint-based threat detection
• Define threat hunting methods, processes, and Cisco tools that can be utilized for threat hunting
• Describe the process of threat hunting from a practical perspective
• Describe the process of threat hunt reporting

Course Prerequisites

There are no prerequisites for this training. However, the knowledge and skills you are recommended to have before attending this training are:

• General knowledge of networks and network security

Course Outline

• Threat Hunting Theory
• Threat Hunting Concepts, Frameworks, and Threat Models
• Threat Hunting Process Fundamentals
• Threat Hunting Methodologies and Procedures
• Network-Based Threat Hunting
• Endpoint-Based Threat Hunting
• Endpoint-Based Threat Detection Development
• Threat Hunting with Cisco Tools
• Threat Hunting Investigation Summary: A Practical Approach
• Reporting the Aftermath of a Threat Hunt Investigation

Lab Outline

• Categorize Threats with MITRE ATTACK Tactics and Techniques
• Compare Techniques Used by Different APTs with MITRE ATTACK Navigator
• Model Threats Using MITRE ATTACK and D3FEND
• Prioritize Threat Hunting Using the MITRE ATTACK Framework and Cyber Kill Chain
• Determine the Priority Level of Attacks Using MITRE CAPEC
• Explore the TaHiTI Methodology
• Perform Threat Analysis Searches Using OSINT
• Attribute Threats to Adversary Groups and Software with MITRE ATTACK
• Emulate Adversaries with MITRE Caldera
• Find Evidence of Compromise Using Native Windows Tools
• Hunt for Suspicious Activities Using Open-Source Tools and SIEM
• Capturing of Network Traffic
• Extraction of IOC from Network Packets
• Usage of ELK Stack for Hunting Large Volumes of Network Data
• Analyzing Windows Event Logs and Mapping Them with MITRE Matrix
• Endpoint Data Acquisition
• Inspect Endpoints with PowerShell
• Perform Memory Forensics with Velociraptor
• Detect Malicious Processes on Endpoints
• Identify Suspicious Files Using Threat Analysis
• Conduct Threat Hunting Using Cisco Secure Firewall, Cisco Secure Network Analytics, and Splunk
• Conduct Threat Hunt Using Cisco XDR Control Center and Investigate
• Initiate, Conduct, and Conclude a Threat Hunt

CED Solutions is your best choice for Cisco CBRTHD, Cisco CBRTHD training, Cisco CBRTHD certification, Cisco CBRTHD boot camp, Cisco CBRTHD certification training, Cisco CBRTHD certification course, Cisco CBRTHD course, Cisco CBRTHD class.