Descrizione
Cisco E-Learning for SECOPS allows learners to understand how a Security Operations Center (SOC) functions and the introductory-level skills and knowledge needed in this environment. Students in this course obtain the core skills needed to grasp the associate-level materials in the 210-255 SECOPS exam, which when combined with passing the 210-250 SECFND exam, leads to the Cisco CCNA Cyber Ops certification. This course focuses on the introductory-level skills needed for a SOC Analyst at the associate level. Specifically, understanding basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response.
This Cisco self-paced course is designed to be as effective as classroom training. Course content is presented in easily-consumable segments via both instructor video and text. Interactivity is enabled through Discovery labs, content review questions, and graded Challenge labs and tests. This makes the learning experience hands-on, increasing course effectiveness, and provides students direct feedback on how well they have mastered the material. And gamification features are built in, including earning badges and a leaderboard, to encourage better performance.
Obiettivi Corso:
SOC Overview
Defining the Security Operations Center
Understanding NSM Tools and Data
Lab: Explore Network Security Monitoring Tools
Understanding Incident Analysis in a Threat-Centric SOC
Lab: Investigate Hacker Methodology
Lab: Investigate Hacker Methodology
Identifying Resources for Hunting Cyber Threats
Lab: Hunt Malicious Traffic
Security Incident Investigations
Understanding Event Correlation and Normalization
Lab: Correlate Event Logs, PCAPs, and Alerts of an Attack
Identifying Common Attack Vectors
Lab: Investigate Browser-Based Attacks
Identifying Malicious Activity
Lab: Analyze Suspicious DNS Activity
Identifying Patterns of Suspicious Behavior
Lab: Investigate Suspicious Activity Using Security Onion
Conducting Security Incident Investigations
Lab: Investigate Advanced Persistent Threats
SOC Operations
Describing the SOC Playbook
Lab: Explore SOC Playbooks
Understanding the SOC Metrics
Understanding the SOC WMS and Automation
Incident Response Plan
Appendix A – Describing the Computer Security Incident Response Team
Appendix B – Understanding the use of VERIS
Target:
- Security Operations Center — Security Analyst
- Computer Network Defense — Analyst
- Computer Network Defense — Infrastructure Support Personnel
- Future Incident Responders and Security Operations Center (SOC) personnel
- Students beginning a career entering the cybersecurity field
- IT personnel looking to learn more about the area of cybersecurity operations
- Cisco Channel Partners
Prerequisiti:
It is strongly recommended, but not required, that students have the following knowledge and skills:
- Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices, Part 1 (ICND1)
- Skills and knowledge equivalent to those learned in Understanding Cisco Cybersecurity Fundamentals (SECFND)
- Working knowledge of the Windows operating system
- Working knowledge of Cisco IOS networking and concept
Recensioni
Ancora non ci sono recensioni.