If you have been studying for the Cisco CyberOps Associate exam and suddenly cannot find it by that name, you are not going mad. In early 2026 Cisco renamed the certification to CCNA Cybersecurity, kept the same 200-201 exam code, and quietly refreshed the content to version 1.2 with a set of new AI objectives. The result is a lot of confused candidates asking the same three questions: what actually changed, does my old study material still count, and is the cert still worth taking?
This guide answers all three. The short version is that the CCNA Cybersecurity 200-201 exam is the same entry-level security operations certification you were already preparing for, it now carries a clearer name, and the v1.2 update makes it more relevant to a modern SOC, not less. The detail matters though, especially if you bought study materials before January 2026.
The rename timeline: from CyberOps to CCNA Cybersecurity
Cisco changed the name twice in the space of a fortnight, which is a large part of why the search results are such a mess right now.
- On 21 January 2026, Cisco CyberOps Associate became Cisco Certified Cybersecurity Associate, and the exam moved to version 1.2.
- On 3 February 2026, Cisco renamed it again to CCNA Cybersecurity, aligning it with the familiar CCNA and CCNP naming used across the rest of the Cisco certification programme.
Through all of this, the exam code stayed as 200-201, now carrying the suffix CCNACBR (it was previously known as CBROPS). If you held an active CyberOps Associate certification on 3 February 2026, Cisco migrated it automatically to CCNA Cybersecurity with no retesting required.
Exam Tip: The exam code 200-201 is your anchor. Whenever a training provider, practice test, or forum post mentions "CyberOps Associate", "CCNACBR", or "CCNA Cybersecurity", check for 200-201. If it says 200-201 v1.2, it is the current exam. If it says v1.1 or earlier, the AI objectives are missing.
Why Cisco bothered
The old CyberOps name sat awkwardly next to CCNA and CCNP. Employers scanning a CV understood "CCNA" instantly but often did not know where "CyberOps Associate" fitted in the Cisco hierarchy. Folding it into the CCNA family makes the level obvious: this is an associate-tier credential, the security operations sibling of the routing and switching CCNA (200-301).
What changed in the 200-201 v1.2 exam
The rename grabbed the headlines, but the content update is the part that affects how you study. Version 1.2 threads artificial intelligence through the existing security operations material rather than bolting on a separate domain.
The new and expanded objectives focus on how AI is actually showing up in a security operations centre:
- Using AI tools for threat detection and security monitoring.
- Recognising AI-generated social engineering, including deepfake and phishing content.
- Applying AI to threat intelligence and endpoint monitoring workflows.
- Understanding the role of AI and automation in day-to-day SOC analysis.
Everything else you expected from CyberOps is still there. The exam still tests the fundamentals of how a SOC detects, triages, and responds to security incidents. If anything, the update makes the certification a better mirror of what a junior analyst is asked to do in 2026.
Exam Tip: Study materials branded "CyberOps Associate" and dated before January 2026 will not include the v1.2 AI objectives. They are still useful for the core 80 percent of the blueprint, but you must top them up with current AI security operations content.
CCNA Cybersecurity 200-201 exam at a glance
Here are the exam facts as they stand for the 2026 v1.2 version.
| Detail | CCNA Cybersecurity (200-201 CCNACBR) |
|---|---|
| Previous name | CyberOps Associate (200-201 CBROPS) |
| Exam duration | 120 minutes |
| Question count | Roughly 95 to 105 questions |
| Question types | Multiple choice, drag and drop, simulations |
| Exam cost | 300 USD |
| Prerequisites | None (recommended: basic networking and one year of security experience) |
| Certification validity | 3 years |
| DoD 8140 | Approved (Cyber Defense Analyst and Cyber Defense Infrastructure Support roles) |
A quick note on the pass mark: Cisco does not publish an official cut score for the 200-201. Unlike vendors that print a fixed number such as 750 out of 900, Cisco keeps its scaled passing score confidential and adjusts it per exam form. Ignore any site that quotes a definitive figure, and instead aim to be comfortably strong across every domain.
The five exam domains
The 200-201 v1.2 blueprint covers five domains. The published weightings are:
- Security Monitoring (25%) - the largest domain, covering data types, monitoring tools, and how to spot malicious activity in logs and traffic.
- Security Concepts (20%) - the CIA triad, defence-in-depth, common attacks, and core security terminology.
- Host-Based Analysis (20%) - endpoint telemetry, logs, malware analysis basics, and the Windows and Linux artefacts an analyst reads.
- Network Intrusion Analysis (20%) - packet and protocol analysis, IDS and IPS output, and interpreting network evidence.
- Security Policies and Procedures (15%) - incident response, the incident handling process, and common SOC playbooks.
Security Monitoring and Network Intrusion Analysis together make up nearly half the exam, which tells you where to spend most of your revision time. These are the day-job skills of a SOC analyst, so the exam weights them accordingly.
Does your existing study progress still count?
This is the question causing the most anxiety, and the answer is reassuring: yes, almost all of it counts.
- If you already passed CyberOps Associate before 3 February 2026, your certification was migrated to CCNA Cybersecurity automatically. You do not need to resit anything.
- If you were part way through studying on older v1.1 material, roughly 80 percent of the blueprint is unchanged. Keep that material and add current AI security operations content to cover the v1.2 objectives.
- If you are starting fresh in 2026, buy or follow only v1.2, 200-201, CCNA Cybersecurity resources so the AI objectives are baked in from day one.
The core skills of security monitoring, host analysis, and network intrusion analysis did not change. Cisco added a modern layer on top, it did not rip out the foundation.
Is the CCNA Cybersecurity certification worth it in 2026?
For anyone aiming at a first defensive security role, the CCNA Cybersecurity 200-201 remains one of the most job-relevant entry certifications available. Here is the honest case for and against.
The case for taking it
- It maps to real SOC work. The blueprint mirrors what a Tier 1 analyst does: monitor, triage, and escalate. That is rare in an entry-level cert.
- It is DoD 8140 approved. The certification maps to United States Department of Defense work roles including Cyber Defense Analyst and Cyber Defense Infrastructure Support Specialist, which opens government and contractor roles.
- The salary ceiling is healthy. ZipRecruiter data from April 2026 put the national average SOC analyst salary at 122,108 USD, with entry-level roles typically landing between 80,000 and 100,000 USD.
- The new name carries weight. "CCNA Cybersecurity" is instantly recognisable to recruiters in a way "CyberOps Associate" never quite was.
The case for pausing
- If you want a vendor-neutral first cert, CompTIA Security+ or CySA+ may fit a broader range of job adverts. The Cisco cert leans toward Cisco-aligned tooling and SOC workflows.
- If your goal is penetration testing rather than defence, an offensive path such as CompTIA PenTest+ or a practical red-team cert is a better use of your study time.
How it compares to the alternatives
| Certification | Focus | Vendor | Best for |
|---|---|---|---|
| CCNA Cybersecurity (200-201) | Security operations, SOC monitoring | Cisco | Aspiring SOC analysts, DoD roles |
| CompTIA Security+ (SY0-701) | Broad security foundations | Vendor-neutral | First security cert, widest job coverage |
| CompTIA CySA+ (CS0-004) | Threat detection and analysis | Vendor-neutral | Analyst roles, a step above Security+ |
| ISC2 CC | Entry security concepts | Vendor-neutral | Absolute beginners, free exam route |
If you are deciding between the Cisco route and CompTIA, our comparison of CySA+ and Security+ and our guide to the ISC2 CC versus CompTIA Security+ will help you pick the entry point that matches your target job.
How to prepare for the 200-201 v1.2 exam
A focused eight-week plan works well for most candidates who already have some IT or networking background.
- Weeks 1 to 2: Security Concepts and Security Policies and Procedures. Build your vocabulary and the incident response process first, because everything else references it.
- Weeks 3 to 5: Security Monitoring and Network Intrusion Analysis. This is the heaviest block by exam weight, so give it the most time. Practise reading logs, packet captures, and IDS alerts.
- Weeks 6 to 7: Host-Based Analysis plus the new v1.2 AI objectives. Learn the endpoint artefacts, then layer on how AI tools assist detection and how AI-generated social engineering works.
- Week 8: Full-length practice exams under timed conditions. Review every wrong answer until you understand why the correct option wins.
Exam Tip: Simulations and drag-and-drop items reward hands-on familiarity. Reading about a SIEM is not the same as clicking through one. Spend real time interpreting sample logs and alerts, not just memorising definitions.
The single biggest prep mistake is relying on old v1.1 material without checking for the AI objectives. The second is under-practising the monitoring and intrusion domains, which together decide nearly half your score. Timed practice questions fix both problems by exposing the gaps before exam day does.
Ready to Start Practising?
The CCNA Cybersecurity 200-201 rebrand does not change what it takes to pass: strong fundamentals across five domains and enough realistic practice to stay calm under the clock. CertCrush turns that into a plan you can actually follow, with up-to-date practice questions and exam-style scenarios built for the current v1.2 objectives.
Create your free CertCrush account and start practising today, or browse our full range of certification courses to line up your next move after CCNA Cybersecurity. Study the modern SOC skills employers are hiring for, then walk into the exam knowing you have already seen questions like these.