Menu

Implementing Cisco Cybersecurity Operations (SECOPS)

ALL SLI DATES ARE GUARANTEED TO RUN!

Check out our full list of training locations and learning formats. Please note that the location you choose may be an Established HD-ILT location.

What's Included With This Class?​

365 Day neXT Learning Membership

Video Reference Library

Online Discussion Forums

Tech Talk Webinars

Goal-Based Learning Paths

Your neXT membership includes…

  • A 365 Day neXT Learning Membership is included with the class, giving you access to the below resources. Join thousands of other neXT members in your learning journey!

 

  • Video Reference Library: Thousands of recorded topics, many of which relate to the official technology curriculum, broken down into short, consumable videos. These videos are all on-demand and searchable by subject or course name. Get access to content and recordings from the entire technology stack, not just this class!

 

  • Online Discussion Forums: Technical discussion boards are available for you to interact with SLI instructors, SME’s, and other neXT Learning members. You can leave questions and expect to see quick responses as discussion boards are monitored daily.

 

  • Tech Talk Webinars: SLI hosts a series of technical webinars quarterly. These are virtual, interactive sessions for customers, instructors & SME’s to engage on a variety of topics, driven by our members. Sessions are recorded and archived for future viewing. Session Types: Delta & New Featured Topics, Open Q&A Workshops, Exam Prep & Guidance, Lab Demos. We are always open to new ideas and topics!

 

  • Goal-based Learning Paths: Learning paths are available for members who have a specific end goal in sight. SLI instructors have developed these paths which may contain videos, blogs, articles, or quizzes, combined to help learners meet specific objectives. Example learning paths: CCNA Exam Prep, Scripting for Beginners

Learn More About Our Annual neXT Learning Memberships

Overview

This course allows learners to understand how a Security Operations Center (SOC) functions and the introductory-level skills and knowledge needed in this environment. It focuses on the introductory-level skills needed for a SOC Analyst at the associate level. Specifically, understanding basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response.

Target Audience

  • Security Operations Center Security Analyst
  • Computer Network Defense Analyst
  • Computer Network Defense Infrastructure Support personnel
  • Future Incident Responders and Security Operations Center (SOC) personnel
  • Students beginning a career and entering the cybersecurity field
  • IT personnel looking to learn more about the area of cybersecurity operations
  • Cisco Channel Partners

Prerequisites

Completion of Cisco Cybersecurity Fundamentals (SECFND) 

Course Objectives

After completion of this course, students will be able to…​

  • Define a SOC and the various job roles in a SOC
  • Understand SOC infrastructure tools and systems
  • Learn basic incident analysis for a threat-centric SOC
  • Explore resources available to assist with an investigation
  • Explain basic event correlation and normalization
  • Describe common attack vectors
  • Learn how to identify malicious activity
  • Understand the concept of a playbook
  • Describe and explain an incident respond handbook
  • Define types of SOC Metrics
  • Understand SOC Workflow Management system and automation

Full Course Outline

Module 1: SOC Overview

  • Lesson 1: Defining the Security Operations Center
  • Lesson 2: Understanding NSM Tools and Data
  • Lesson 3: Understanding Incident Analysis in a Threat-Centric SOC
  • Lesson 4: Identifying Resources for Hunting Cyber Threats

Module 2: Security Incident Investigations

  • Lesson 1: Understanding Event Correlation and Normalization
  • Lesson 2: Identifying Common Attack Vectors
  • Lesson 3: Identifying Malicious Activity
  • Lesson 4: Identifying Patterns of Suspicious Behavior
  • Lesson 5: Conducting Security Incident Investigations

Module 3: SOC Operations

  • Lesson 1: Describing the SOC Playbook
  • Lesson 2: Understanding the SOC Metrics
  • Lesson 3: Understanding the SOC WMS and Automation
  • Lesson 4: Describing the Incident Response Plan
  • Lesson 5: Appendix A Describing the Computer Security Incident Response Team
  • Lesson 6: Appendix B Understanding the use of VERIS

Labs:

  • Guided Lab 1: Explore Network Security Monitoring Tools
  • Discovery 1: Investigate Hacker Methodology
  • Discovery 2: Hunt Malicious Traffic
  • Discovery 3: Correlate Event Logs, PCAPs, and Alerts of an Attack
  • Discovery 4: Investigate Browser-Based Attacks
  • Discovery 5: Analyze Suspicious DNS Activity
  • Discovery 6: Investigate Suspicious Activity Using Security Onion
  • Discovery 7: Investigate Advanced Persistent Threats
  • Discovery 8: Explore SOC Playbooks
Exclusive Video Included With This Course:​
Cisco TrustSec - Deep Dive
Exclusive Video Included With This Course:​
Cisco Rapid Threat Containment
Exclusive Video Included With This Course:​
Stealthwatch
SLI Main Menu