ALL DATES GUARANTEED
Check out our full list of training locations and learning formats. Please note that the location you choose may be an Established HD-ILT location with a virtual live instructor.
COURSE DELIVERY OPTIONS
Train face-to-face with the live instructor.
Interact with a live, remote instructor from a specialized, HD-equipped classroom near you.
Attend the live class from the comfort of your home or office.
This course allows learners to understand how a Security Operations Center (SOC) functions and the introductory-level skills and knowledge needed in this environment. It focuses on the introductory-level skills needed for a SOC Analyst at the associate level. Specifically, understanding basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response.
Completion of Cisco Cybersecurity Fundamentals (SECFND)
- Security Operations Center Security Analyst
- Computer Network Defense Analyst
- Computer Network Defense Infrastructure Support personnel
- Future Incident Responders and Security Operations Center (SOC) personnel
- Students beginning a career and entering the cybersecurity field
- IT personnel looking to learn more about the area of cybersecurity operations
- Cisco Channel Partners
After completion of this course, students will be able to…â€‹
- Define a SOC and the various job roles in a SOC
- Understand SOC infrastructure tools and systems
- Learn basic incident analysis for a threat-centric SOC
- Explore resources available to assist with an investigation
- Explain basic event correlation and normalization
- Describe common attack vectors
- Learn how to identify malicious activity
- Understand the concept of a playbook
- Describe and explain an incident respond handbook
- Define types of SOC Metrics
- Understand SOC Workflow Management system and automation
Module 1: SOC Overview
- Lesson 1: Defining the Security Operations Center
- Lesson 2: Understanding NSM Tools and Data
- Lesson 3: Understanding Incident Analysis in a Threat-Centric SOC
- Lesson 4: Identifying Resources for Hunting Cyber Threats
Module 2: Security Incident Investigations
- Lesson 1: Understanding Event Correlation and Normalization
- Lesson 2: Identifying Common Attack Vectors
- Lesson 3: Identifying Malicious Activity
- Lesson 4: Identifying Patterns of Suspicious Behavior
- Lesson 5: Conducting Security Incident Investigations
Module 3: SOC Operations
- Lesson 1: Describing the SOC Playbook
- Lesson 2: Understanding the SOC Metrics
- Lesson 3: Understanding the SOC WMS and Automation
- Lesson 4: Describing the Incident Response Plan
- Lesson 5: Appendix A Describing the Computer Security Incident Response Team
- Lesson 6: Appendix B Understanding the use of VERIS
- Guided Lab 1: Explore Network Security Monitoring Tools
- Discovery 1: Investigate Hacker Methodology
- Discovery 2: Hunt Malicious Traffic
- Discovery 3: Correlate Event Logs, PCAPs, and Alerts of an Attack
- Discovery 4: Investigate Browser-Based Attacks
- Discovery 5: Analyze Suspicious DNS Activity
- Discovery 6: Investigate Suspicious Activity Using Security Onion
- Discovery 7: Investigate Advanced Persistent Threats
- Discovery 8: Explore SOC Playbooks
What's Included With This Class?
This course includes a 365-day membership to our neXT Learning Community! You will join thousands of other neXT members allowing you to interact with other IT professionals, get your questions answered, and achieve your learning goals. Upon registration, you will get immediate access to the following resources:
Join thousands of other members in our neXT Learning Community for an entire year!
Thousands of recorded topics, many of which relate to official technology curriculum.
Interact with instructors and other neXT members. You can expect a quick response as discussion boards are monitored daily.
Virtual, interactive sessions including exam prep , open Q&A workshops, lab demos, and featured exclusive topics.
Learning paths can contain videos, blogs, articles, and quizzes combined to help meet specific objectives.