Implementing Cisco Cybersecurity Operations Training v1.0 (SECOPS)

Implementing Cisco Cybersecurity Operations Training v1.0 (SECOPS)

Course Delivery

This Course is available in the following format:

Request this course in a different delivery format

GSA Schedule 70 Saving for Government Customers

Course Overview:

Implementing Cisco Cybersecurity Operations Training v1.0 (SECOPS) – Hands-on

This Implementing Cisco Cybersecurity Operations Training v1.0 (SECOPS) course focuses on the introductory-level skills needed for a SOC Analyst at the associate level, such as understanding basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response.

Learn how a Security Operations Center (SOC) functions and gain the introductory-level skills and knowledge required for success. Students obtain the core skills needed to grasp the associate-level material in the 210-255 exam “Implementing Cisco Cybersecurity Operations (SECOPS),” which, when combined with passing the 210-250 SECFND exam, lead to the CCNA Cyber Ops certification.

Customize It:

» If you are familiar with some aspects of this Implementing Cisco Cybersecurity Operations Training v1.0 (SECOPS) course, we can omit or shorten their discussion.
» We can adjust the emphasis placed on the various topics or build the Implementing Cisco Cybersecurity Operations Training v1.0 (SECOPS) course around the mix of technologies of interest to you (including technologies other than those included in this outline).
» If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Implementing Cisco Cybersecurity Operations Training v1.0 (SECOPS) course in manner understandable to lay audiences.

Audience / Target Group:

The target audience for this Implementing Cisco Cybersecurity Operations Training v1.0 (SECOPS) course:

● Security Operations Center Security Analyst
● Computer Network Defense Analyst
● Computer Network Defense Infrastructure Support personnel
● Future Incident Responders and Security Operations Center (SOC) personnel
● Students beginning a career and entering the cybersecurity field
● IT personnel looking to learn more about the area of cybersecurity operations
● Cisco Channel Partners

Class Prerequisites:

The knowledge and skills that a learner must have before attending this Implementing Cisco Cybersecurity Operations Training v1.0 (SECOPS) course are:

● Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1)
● Working knowledge of the Windows operating system
● Working knowledge of Cisco IOS networking and concepts
● Understanding Cisco Cybersecurity Fundamentals (SECFND) v1.0

What You Will Learn:

Upon completing this Implementing Cisco Cybersecurity Operations Training v1.0 (SECOPS) course, learners will be able to meet these objectives:

● Define a SOC and the various job roles in a SOC
● Understand SOC infrastructure tools and systems
● Learn basic incident analysis for a threat centric SOC
● Explore resources available to assist with an investigation
● Explain basic event correlation and normalization
● Describe common attack vectors
● Learn how to identifying malicious activity
● Understand the concept of a playbook
● Describe and explain an incident respond handbook
● Define types of SOC Metrics
● Understand SOC Workflow Management system and automation

Implementing Cisco Cybersecurity Operations Training v1.0 (SECOPS) – Course Syllabus

Module 1: SOC Overview

Lesson 1: Defining the Security Operations Center
Lesson 2: Understanding NSM Tools and Data
Lesson 3: Understanding Incident Analysis in a Threat-Centric SOC
Lesson 4: Identifying Resources for Hunting Cyber Threats

Module 2: Security Incident Investigations

Lesson 1: Understanding Event Correlation and Normalization
Lesson 2: Identifying Common Attack Vectors
Lesson 3: Identifying Malicious Activity
Lesson 4: Identifying Patterns of Suspicious Behavior
Lesson 5: Conducting Security Incident Investigations

Module 3: SOC Operations

Lesson 1: Describing the SOC Playbook
Lesson 2: Understanding the SOC Metrics
Lesson 3: Understanding the SOC WMS and Automation
Lesson 4: Describing the Incident Response Plan
Lesson 5: Appendix A—Describing the Computer Security Incident Response Team
Lesson 6: Appendix B—Understanding the use of VERIS

Labs:
Guided Lab 1: Explore Network Security Monitoring Tools
Discovery 1: Investigate Hacker Methodology
Discovery 2: Hunt Malicious Traffic
Discovery 3: Correlate Event Logs, PCAPs, and Alerts of an Attack
Discovery 4: Investigate Browser-Based Attacks
Discovery 5: Analyze Suspicious DNS Activity
Discovery 6: Investigate Suspicious Activity Using Security Onion
Discovery 7: Investigate Advanced Persistent Threats
Discovery 8: Explore SOC Playbooks

Whether you are looking for general information or have a specific question, we want to help!

Request More Information

Print Friendly, PDF & Email