Implementing Cisco Cybersecurity Operations (SECOPS)

This course teaches learners how a Security Operations Center (SOC) functions and the introductory-level skills and knowledge needed in this environment. It focuses on the introductory-level skills needed for a SOC Analyst at the associate level: understanding basic threat analysis, event correlation, identifying malicious activity, and using a playbook for incident response.

Retail Price: $3,595.00

Next Date: 02/25/2019

Course Days: 5




Audience Profile

  • Security Operations Center Security Analyst
  • Computer Network Defense Analyst
  • Computer Network Defense Infrastructure Support personnel
  • Future Incident Responders and Security Operations Center (SOC) personnel
  • Students beginning a career and entering the cybersecurity field
  • IT personnel looking to learn more about the area of cybersecurity operations
  • Cisco Channel Partners

At Course Completion

After completion of this course, students will be able to...

  • Define a SOC and the various job roles in a SOC
  • Understand SOC infrastructure tools and systems
  • Learn basic incident analysis for a threat-centric SOC
  • Explore resources available to assist with an investigation
  • Explain basic event correlation and normalization
  • Describe common attack vectors
  • Learn how to identify malicious activity
  • Understand the concept of a playbook
  • Describe and explain an incident response handbook
  • Define types of SOC Metrics
  • Understand SOC Workflow Management system and automation

Prerequisites

It is strongly recommended, but not required, that students have the following knowledge and skills:

  • Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1)
  • Working knowledge of the Windows operating system
  • Working knowledge of Cisco IOS networking and concepts
  • Understanding Cisco Cybersecurity Fundamentals (SECFND) 

Course Outline

Module 1: SOC Overview

  • Lesson 1: Defining the Security Operations Center
  • Lesson 2: Understanding NSM Tools and Data
  • Lesson 3: Understanding Incident Analysis in a Threat-Centric SOC
  • Lesson 4: Identifying Resources for Hunting Cyber Threats

Module 2: Security Incident Investigations

  • Lesson 1: Understanding Event Correlation and Normalization
  • Lesson 2: Identifying Common Attack Vectors
  • Lesson 3: Identifying Malicious Activity
  • Lesson 4: Identifying Patterns of Suspicious Behavior
  • Lesson 5: Conducting Security Incident Investigations


Module 3: SOC Operations

  • Lesson 1: Describing the SOC Playbook
  • Lesson 2: Understanding the SOC Metrics
  • Lesson 3: Understanding the SOC WMS and Automation
  • Lesson 4: Describing the Incident Response Plan
  • Lesson 5: Appendix A—Describing the Computer Security Incident Response Team
  • Lesson 6: Appendix B—Understanding the use of VERIS

Labs:

  • Guided Lab 1: Explore Network Security Monitoring Tools
  • Discovery 1: Investigate Hacker Methodology
  • Discovery 2: Hunt Malicious Traffic
  • Discovery 3: Correlate Event Logs, PCAPs, and Alerts of an Attack
  • Discovery 4: Investigate Browser-Based Attacks
  • Discovery 5: Analyze Suspicious DNS Activity
  • Discovery 6: Investigate Suspicious Activity Using Security Onion
  • Discovery 7: Investigate Advanced Persistent Threats
  • Discovery 8: Explore SOC Playbooks

neXT Live 365

Demand for trained and certified technical professionals is growing. To stay competitive in a global, fast-paced job market, it’s imperative to stay up-to-date on emerging technologies and ensure your skills are relevant. neXT LIVE 365 helps you maintain your skills and gain knowledge with quick, easy access to training on the entire portfolio of products and technologies.



neXT Digital Learning

  • Digital Courseware
    • Accessible on many different devices
  • Access to neXT Live 365 Community
    • 24x7 access to content
  • Quarterly neXTpertise Sessions
    • Exam Preparation, Planned Routing & Switching Topics, Open Sessions - ask the neXTperts!
  • Access to extended Cisco Library
    • Recorded videos from other Cisco Technologies in the same catalog
  • Access to Discussion Boards
    • Run by YOU and monitored daily by our instructors

neXT Live 365 community

  • Continued Education
    • One full year of training instead of one week in the classroom
  • Up-To-Date Content
    • No need to wait for off-the-shelf curriculum to be updated
  • Flexibility
    • You don’t have to be out of the office for 5 days
  • Breadth of Knowledge
    • Information from an entire technology group, not just one class
  • On-Demand
    • Need an answer at 11pm? Search our Video Reference Library or post your question in our discussion board for a quick SME answer
  • Customer Driven
    • Session topics added by request
  • Timely
    • Bridge the gap between class and exam with study and exam prep sessions

Course Dates | Course Times (EST) | Delivery Mode | GTR
2/25/2019 - 3/1/2019 | 9:00 AM - 5:00 PM | Virtual | Guaranteed to run
4/15/2019 - 4/19/2019 | 9:00 AM - 10:00 PM | Virtual | Guaranteed to run