Implementing Cisco Cybersecurity Operations (SECOPS)

neXT LIVE 365

LEARN FOR 365 DAYS!

Sunset Learning Institute believes in a 365-day learning experience that begins immediately, regardless of when you attend your ILT course.  At SLI, you get a range of learning opportunities, from instructor-led hands-on training, to self-directed, customizable learning paths based on your environment, your needs, and your level of experience. We provide the tools and options, and you decide what you need, when you need it, and how you want to learn it!

Immediate access to supplemental learning assets that are INCLUDED with your purchase of the above instructor-led training course: 

  • 365 Days of Access to SLI’s Entire Cisco Security Video Reference Library (VRL), not just the 5-day class you sign up for (hundreds of searchable, on-demand learning bytes in 5-15-minute videos)
  • 365 Days of Unlimited Access to Delta Sessions - What’s Not Covered in Class! (Version Upgrades, Industry Updates, Etc.)
  • 365 Days of Unlimited 24x7 Access to SLI's Community - Collaborate with SLI Instructors and Other Members (Monitored Daily by SLI Instructors)
  • 365 Days of Unlimited Access to Interactive neXTpertise Sessions and other IT Resources with SLI Instructors (featured hot topics, exam prep, etc.)
  • Unlimited Access to Hosted Webinars and All Previously Recorded Sessions
  • Unlimited Access to your Digital Courseware

Benefits:
  • Training that fits your needs (from high intensity to small learning bytes)
  • Build immediate competency - start at time of purchase!
  • Gain know-how and close skills gaps with limited work disruptions
  • Get quick answers to daily challenges - live interaction!
Not interested in an instructor-led class? Try our self-directed, digital-only learning solutions!

Overview

This course allows learners to understand how a Security Operations Center (SOC) functions and the introductory-level skills and knowledge needed in this environment. It focuses on the introductory-level skills needed for a SOC Analyst at the associate level: understanding basic threat analysis, event correlation, identifying malicious activity, and using a playbook for incident response.

Target Audience

  • Security Operations Center Security Analyst
  • Computer Network Defense Analyst
  • Computer Network Defense Infrastructure Support personnel
  • Future Incident Responders and Security Operations Center (SOC) personnel
  • Students beginning a career and entering the cybersecurity field
  • IT personnel looking to learn more about the area of cybersecurity operations
  • Cisco Channel Partners

Prerequisites

It is strongly recommended, but not required, that students have the following knowledge and skills:

  • Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1)
  • Working knowledge of the Windows operating system
  • Working knowledge of Cisco IOS networking and concepts
  • Understanding Cisco Cybersecurity Fundamentals (SECFND) 

Course Objectives

After completion of this course, students will be able to:

  • Define a SOC and the various job roles in a SOC
  • Understand SOC infrastructure tools and systems
  • Learn basic incident analysis for a threat-centric SOC
  • Explore resources available to assist with an investigation
  • Explain basic event correlation and normalization
  • Describe common attack vectors
  • Learn how to identify malicious activity
  • Understand the concept of a playbook
  • Describe and explain an incident response handbook
  • Define types of SOC Metrics
  • Understand SOC Workflow Management system and automation

Course Outline

Module 1: SOC Overview

  • Lesson 1: Defining the Security Operations Center
  • Lesson 2: Understanding NSM Tools and Data
  • Lesson 3: Understanding Incident Analysis in a Threat-Centric SOC
  • Lesson 4: Identifying Resources for Hunting Cyber Threats

Module 2: Security Incident Investigations
  • Lesson 1: Understanding Event Correlation and Normalization
  • Lesson 2: Identifying Common Attack Vectors
  • Lesson 3: Identifying Malicious Activity
  • Lesson 4: Identifying Patterns of Suspicious Behavior
  • Lesson 5: Conducting Security Incident Investigations

Module 3: SOC Operations
  • Lesson 1: Describing the SOC Playbook
  • Lesson 2: Understanding the SOC Metrics
  • Lesson 3: Understanding the SOC WMS and Automation
  • Lesson 4: Describing the Incident Response Plan
  • Lesson 5: Appendix A Describing the Computer Security Incident Response Team
  • Lesson 6: Appendix B Understanding the use of VERIS

Labs:
  • Guided Lab 1: Explore Network Security Monitoring Tools
  • Discovery 1: Investigate Hacker Methodology
  • Discovery 2: Hunt Malicious Traffic
  • Discovery 3: Correlate Event Logs, PCAPs, and Alerts of an Attack
  • Discovery 4: Investigate Browser-Based Attacks
  • Discovery 5: Analyze Suspicious DNS Activity
  • Discovery 6: Investigate Suspicious Activity Using Security Onion
  • Discovery 7: Investigate Advanced Persistent Threats
  • Discovery 8: Explore SOC Playbooks
