
SECOPS – Implementing Cisco Cybersecurity Operations 1.0



Upcoming Courses

Nov 9 - Nov 13, 2020
09:00 - 17:00 (CEST)
Online

Feb 22 - Feb 26, 2021
09:00 - 17:00 (CEST)
Online

May 17 - May 21, 2021
09:00 - 17:00 (CEST)
Online

Aug 23 - Aug 27, 2021
09:00 - 17:00 (CEST)
Online

Nov 15 - Nov 19, 2021
09:00 - 17:00 (CEST)
Online

5 days  (Instructor Led Online)  |  Network Security

Course Details

The SECOPS – Implementing Cisco Cybersecurity Operations v1.0 course helps learners understand how a Security Operations Center (SOC) functions and provides students with the introductory-level skills and knowledge needed for a SOC Analyst at the associate level. In this course, students will gain an understanding of basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response.

 


Objectives

Upon completion of this course, you will be able to:

  • Define a SOC and the various job roles in a SOC
  • Understand SOC infrastructure tools and systems
  • Learn basic incident analysis for a threat-centric SOC
  • Explore resources available to assist with an investigation
  • Explain basic event correlation and normalization
  • Describe common attack vectors
  • Learn how to identify malicious activity
  • Understand the concept of a playbook
  • Describe and explain an incident response handbook
  • Define types of SOC Metrics
  • Understand the SOC Workflow Management system and automation

Outline

Module 1: SOC Overview

  • Lesson 1: Defining the Security Operations Center
  • Lesson 2: Understanding NSM Tools and Data
  • Lesson 3: Understanding Incident Analysis in a Threat-Centric SOC
  • Lesson 4: Identifying Resources for Hunting Cyber Threats

 

Module 2: Security Incident Investigations

  • Lesson 1: Understanding Event Correlation and Normalization
  • Lesson 2: Identifying Common Attack Vectors
  • Lesson 3: Identifying Malicious Activity
  • Lesson 4: Identifying Patterns of Suspicious Behavior
  • Lesson 5: Conducting Security Incident Investigations

 

Module 3: SOC Operations

  • Lesson 1: Describing the SOC Playbook
  • Lesson 2: Understanding the SOC Metrics
  • Lesson 3: Understanding the SOC WMS and Automation
  • Lesson 4: Describing the Incident Response Plan
  • Lesson 5: Appendix A—Describing the Computer Security Incident Response Team
  • Lesson 6: Appendix B—Understanding the use of VERIS

Target Audience

  • Security Operations Center – Security Analyst
  • Computer/Network Defense Analysts
  • Computer Network Defense Infrastructure Support Personnel
  • Future Incident Responders and Security Operations Center (SOC) personnel
  • Students beginning a career, entering the cybersecurity field
  • Cisco Channel Partners

Prerequisites

It is recommended, but not required, that students have the following knowledge and skills:

  • Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1)
  • Working knowledge of the Windows operating system
  • Working knowledge of Cisco IOS networking and concepts