0345 4506120

Implementing Cisco Cybersecurity Operations

This is the second course in Cisco's CCNA Cyber Ops Curriculum and is designed to provide students with an understanding of how a Security Operations Center (SOC) functions and the knowledge required in this environment. This course focuses on the introductory-level skills needed for a SOC Analyst at the associate level. Specifically, understanding basic threat analysis, event correlation, identifying malicious activity and how to use a playbook for incident response.

Target Audience

Individuals interested in a career in cybersecurity,or looking to understand more about cybersecurity operations, or working towards their CCNA Cyber OPs certification.

Learning Objectives

After completing this course you should be able to:

  • Define a SOC and the various job roles in a SOC
  • Understand SOC infrastructure tools and systems
  • Learn basic incident analysis for a threat centric SOC
  • Explore resources available to assist with an investigation
  • Explain basic event correlation and normalization
  • Describe common attack vectors
  • Learn how to identifying malicious activity
  • Understand the concept of a playbook
  • Describe and explain an incident respond handbook
  • Define types of SOC Metrics
  • Understand SOC Workflow Management system and automation

Pre-Requisites

Attendees should ideally meet the following prerequsites:

  • Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1)
  • Skills and knowledge equivalent to those learned in Security Fundamentals (SECFND)
  • Working knowledge of the Windows operating system
  • Working knowledge of Cisco IOS networking and concepts

Course Content

SOC Overview

  • Defining the Security Operations Center
  • Understanding NSM Tools and Data
  • Understanding Incident Analysis in a Threat-Centric SOC
  • Identifying Resources for Hunting Cyber Threats

Security Incident Investigations

  • Understanding Event Correlation and Normalization
  • Identifying Common Attack Vectors
  • Identifying Malicious Activity
  • Identifying Patterns of Susupicious Behavior
  • Conducting Security Incident Investigations

SOC Operations

  • Describing the SOC Playbook
  • Understanding the SOC Metrics
  • Understanding the SOC WMS and Automation
  • Describing the Incident Response Plan
  • Appendix A - Describing the Computer Security Incident Response Team
  • Appendix B - Understanding the use of VERIS

Labs

  • Guided Lab 1: Explore Network Security Monitoring Tools
  • Discovery 1: Investigate Hacker Methodology
  • Discovery 2: Hunt Malicious Traffic
  • Discovery 3: Correlate Event Logs, PCAPs, and Alerts of an Attack
  • Discovery 4: Investigate Browser-Based Attacks
  • Discovery 5: Analyze Suspicious DNS Activity
  • Discovery 6: Investigate Suspicious Activity Using Security Onion
  • Discovery 7: Investigate Advanced Persistent Threats
  • Discovery 8: Explore SOC Playbooks

Exams & Certification

Recommended as preparation for the following exam(s) (exams not included):

  • 210-255 - SECOPS

This is one of two exams required to achieve the CCNA Cyber Ops Certification

Privacy Notice

In order to provide you with the service requested we will need to retain and use your contact information in accordance with our Privacy Notice. If you choose to provide us with this information you explicitly consent to us using the information as necessary to provide the request service to you. If you do not agree please do not proceed to request the service from us.

Marketing Permissions

Would you like to receive our newsletter and other information on products and services which we think will be of interest to you by email. We will always treat your information with care and in accordance with our Privacy Notice. You are free to withdraw this permission at any time.

 

Online Courses

You may prefer an online course if you are looking for a flexible and cost-effective solution. Online courses allow you to study at your own pace, at a time that suits you.

We have the following eLearning options available:

Our Customers Include