> > SECOPS

Implementing Cisco Cybersecurity Operations (SECOPS)

 

Who Should Attend

  • Security Operations Center – Security Analyst
  • Computer/Network Defense Analysts
  • Computer Network Defense Infrastructure Support Personnel
  • Future Incident Responders and Security Operations Center (SOC) personnel.
  • Students beginning a career, entering the cybersecurity field.
  • Cisco Channel Partners

Certifications

Prerequisites

It is highly recommended to have the following skills and knowledge before attending this course:

  • Skills and knowledge equivalent to those learned in !CI-ICND1
  • Working knowledge of the Windows operating system
  • Working knowledge of Cisco IOS networking and concepts

Course Objectives

Today's organizations are challenged with rapidly detecting cybersecurity breaches and effectively responding to security incidents. Teams of people in Security Operations Centers (SOC’s) keep a vigilant eye on security systems, protecting their organizations by detecting and responding to cybersecurity threats. CCNA Cyber Ops prepares candidates to begin a career working with associate-level cybersecurity analysts within security operations centers.

This course allows learners to understand how a Security Operations Center (SOC) functions and the introductory-level skills and knowledge needed in this environment. It focuses on the introductory-level skills needed for a SOC Analyst at the associate level. Specifically, understanding basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response.

Upon completion of this course, you will be able to:

  • Define a SOC and the various job roles in a SOC
  • Understand SOC infrastructure tools and systems
  • Learn basic incident analysis for a threat centric SOC
  • Explore resources available to assist with an investigation
  • Explain basic event correlation and normalization
  • Describe common attack vectors
  • Learn how to identifying malicious activity
  • Understand the concept of a playbook
  • Describe and explain an incident respond handbook
  • Define types of SOC Metrics
  • Understand SOC Workflow Management system and automation

Course Content

Module 1: SOC Overview

  • Lesson 1: Defining the Security Operations Center
  • Lesson 2: Understanding NSM Tools and Data
  • Lesson 3: Understanding Incident Analysis in a Threat-Centric SOC
  • Lesson 4: Identifying Resources for Hunting Cyber Threats

Module 2: Security Incident Investigations

  • Lesson 1: Understanding Event Correlation and Normalization
  • Lesson 2: Identifying Common Attack Vectors
  • Lesson 3: Identifying Malicious Activity
  • Lesson 4: Identifying Patterns of Suspicious Behavior
  • Lesson 5: Conducting Security Incident Investigations

Module 3: SOC Operations

  • Lesson 1: Describing the SOC Playbook
  • Lesson 2: Understanding the SOC Metrics
  • Lesson 3: Understanding the SOC WMS and Automation
  • Lesson 4: Describing the Incident Response Plan
  • Lesson 5: Appendix A—Describing the Computer Security Incident Response Team
  • Lesson 6: Appendix B—Understanding the use of VERIS
Online training

Duur 5 dagen

Klassikale training

Duur 5 dagen

E-learning Cisco Digital Learning

Duur 360 dagen

Prijs (excl. BTW)
  • Nederland: US$ 1.500,-
  • België: US$ 1.500,-
Fast Lane Live Bestel nu
 
Klik op de plaats & boek online Beschikbare data
Instructor-Led Online Training
Nederland

Op dit moment is deze training in dit land niet beschikbaar in het open rooster. De kans is echter groot dat wij u toch een passende oplossing kunnen bieden. Wij horen graag wat uw specifieke wensen zijn.  U bereikt ons via 030 658 2131 of info@flane.nl. We helpen u graag!

FLEX-trainingen

Een FLEX-training is een Engelstalige training die plaatsvindt in één van de Fast Lane-trainingscentra in Europa en die online gevolgd kan worden vanaf uw eigen locatie. Bekijk hieronder alle beschikbare FLEX-data.

19-10-2020 ― 23-10-2020 Online training Tijdzone: Europe/Vilnius Taal: Engels boek direct