SECOPS - Implementing Cisco Cybersecurity Operations

Introduction

The Implementing Cisco Cybersecurity Operations (SECOPS) v1.0 course gives you foundation-level knowledge of security incident analysis techniques used in a Security Operations Center (SOC). You will learn how to identify and analyze threats and malicious activity, correlate events, conduct security investigations, use incident playbooks, and learn SOC operations and procedures. This course prepares you for the 210-255 SECOPS exam, one of the two exams for the current Cisco Certified CyberOps Associate certification. This certification validates your knowledge and hands-on skills to help handle cybersecurity events as an associate-level member of an SOC team.

Duration:
40 hours

Target Audience

IT professionals
Any learner interested in entering associate-level cybersecurity roles such as:
SOC cybersecurity analysts
Computer or network defense analysts
Computer network defense infrastructure support personnel
Future incident responders and SOC personnel
Cisco integrators or partners

Objectives

After taking this course, you should be able to:
Describe the three common SOC types, tools used by SOC analysts, job roles within the SOC, and incident analysis within a threat-centric SOC
Explain security incident investigations, including event correlation and normalization and common attack vectors, and be able to identify malicious and suspicious activities
Explain the use of an SOC playbook to assist with investigations, the use of metrics to measure the effectiveness of the SOC, the use of an SOC workflow management system and automation to improve SOC efficiency, and the concepts of an incident response plan

Prerequisites

To fully benefit from this course, you should first complete the following course or obtain the equivalent knowledge and skills:
Understanding Cisco Cybersecurity Fundamentals (SECFND)
The following Cisco learning offering can help you meet this prerequisite:
CCNA Cyber Ops SECFND #210-250 Official Cert Guide, by Omar Santos, Joseph Muniz, and Stefano De Crescenzo

Course Outline

Module 1: SOC Overview
Lesson 1: Defining the Security Operations Center
Lesson 2: Understanding NSM Tools and Data
Lesson 3: Understanding Incident Analysis in a Threat-Centric SOC
Lesson 4: Identifying Resources for Hunting Cyber Threats

Module 2: Security Incident Investigations
Lesson 1: Understanding Event Correlation and Normalization
Lesson 2: Identifying Common Attack Vectors
Lesson 3: Identifying Malicious Activity
Lesson 4: Identifying Patterns of Suspicious Behavior
Lesson 5: Conducting Security Incident Investigations

Module 3: SOC Operations
Lesson 1: Describing the SOC Playbook
Lesson 2: Understanding the SOC Metrics
Lesson 3: Understanding the SOC WMS and Automation
Lesson 4: Describing the Incident Response Plan
Lesson 5: Appendix A—Describing the Computer Security Incident Response Team
Lesson 6: Appendix B—Understanding the use of VERIS

Lab Outline
Guided Lab 1: Explore Network Security Monitoring Tools
Discovery 1: Investigate Hacker Methodology
Discovery 2: Hunt Malicious Traffic
Discovery 3: Correlate Event Logs, PCAPs, and Alerts of an Attack
Discovery 4: Investigate Browser-Based Attacks
Discovery 5: Analyze Suspicious DNS Activity
Discovery 6: Investigate Suspicious Activity Using Security Onion
Discovery 7: Investigate Advanced Persistent Threats
Discovery 8: Explore SOC Playbooks