Menu

Implementing Cisco Cybersecurity Operations (SECOPS)

Exclusive Video Included With This Course:​
Cisco TrustSec - Deep Dive
Exclusive Video Included With This Course:​
Cisco Rapid Threat Containment
Exclusive Video Included With This Course:​
Stealthwatch

Overview

This course allows learners to understand how a Security Operations Center (SOC) functions and the introductory-level skills and knowledge needed in this environment. It focuses on the introductory-level skills needed for a SOC Analyst at the associate level. Specifically, understanding basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response.

  • Security Operations Center Security Analyst
  • Computer Network Defense Analyst
  • Computer Network Defense Infrastructure Support personnel
  • Future Incident Responders and Security Operations Center (SOC) personnel
  • Students beginning a career and entering the cybersecurity field
  • IT personnel looking to learn more about the area of cybersecurity operations
  • Cisco Channel Partners

Completion of Cisco Cybersecurity Fundamentals (SECFND) 

After completion of this course, students will be able to…​

  • Define a SOC and the various job roles in a SOC
  • Understand SOC infrastructure tools and systems
  • Learn basic incident analysis for a threat centric SOC
  • Explore resources available to assist with an investigation
  • Explain basic event correlation and normalization
  • Describe common attack vectors
  • Learn how to identify malicious activity
  • Understand the concept of a playbook
  • Describe and explain an incident respond handbook
  • Define types of SOC Metrics
  • Understand SOC Workflow Management system and automation

Module 1: SOC Overview

  • Lesson 1: Defining the Security Operations Center
  • Lesson 2: Understanding NSM Tools and Data
  • Lesson 3: Understanding Incident Analysis in a Threat-Centric SOC
  • Lesson 4: Identifying Resources for Hunting Cyber Threats
Module 2: Security Incident Investigations
  • Lesson 1: Understanding Event Correlation and Normalization
  • Lesson 2: Identifying Common Attack Vectors
  • Lesson 3: Identifying Malicious Activity
  • Lesson 4: Identifying Patterns of Suspicious Behavior
  • Lesson 5: Conducting Security Incident Investigations

Module 3: SOC Operations
  • Lesson 1: Describing the SOC Playbook
  • Lesson 2: Understanding the SOC Metrics
  • Lesson 3: Understanding the SOC WMS and Automation
  • Lesson 4: Describing the Incident Response Plan
  • Lesson 5: Appendix A Describing the Computer Security Incident Response Team
  • Lesson 6: Appendix B Understanding the use of VERIS
Labs:
  • Guided Lab 1: Explore Network Security Monitoring Tools
  • Discovery 1: Investigate Hacker Methodology
  • Discovery 2: Hunt Malicious Traffic
  • Discovery 3: Correlate Event Logs, PCAPs, and Alerts of an Attack
  • Discovery 4: Investigate Browser-Based Attacks
  • Discovery 5: Analyze Suspicious DNS Activity
  • Discovery 6: Investigate Suspicious Activity Using Security Onion
  • Discovery 7: Investigate Advanced Persistent Threats
  • Discovery 8: Explore SOC Playbooks

A year-long neXT membership which includes 365 days of…

  • Access to exclusive tech talk webinars covering content not found in the classroom
  • Sessions include: Delta & New Featured Topics, Open Q&A Workshops, Exam Prep & Guidance, Lab Demos
  • Technical discussion boards to interact with instructors and other members
  • Goal-based learning paths built to accomplish a specific end goal
  • Learning paths may include videos, blogs, quizzes, exam prep questions, and more
  • Get content and recordings from the entire technology stack, not just this class!

Don’t have the time or budget for an instructor-led class?

Interested in one-on-one services with your instructor-led class?

Would you like dedicated training resources for your entire team?

neXT LIVE 365 Logo
SLI Main Menu