Implementing Cisco Cybersecurity Operations (SECOPS)
This course allows learners to understand how a Security Operations Center (SOC) functions and the introductory-level skills and knowledge needed in this environment. It focuses on the introductory-level skills needed for a SOC Analyst at the associate level. Specifically, understanding basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response.
Who Should Take This Course
- Security Operations Center Security Analyst
- Computer Network Defense Analyst
- Computer Network Defense Infrastructure Support personnel
- Future Incident Responders and Security Operations Center (SOC) personnel
- Students beginning a career and entering the cybersecurity field
- IT personnel looking to learn more about the area of cybersecurity operations
- Cisco Channel Partners
- Completion of Cisco Cybersecurity Fundamentals (SECFND)
Why You Should Take This Course
Upon completing this course, the learner will be able to meet these overall objectives:
- Define a SOC and the various job roles in a SOC
- Understand SOC infrastructure tools and systems
- Learn basic incident analysis for a threat centric SOC
- Explore resources available to assist with an investigation
- Explain basic event correlation and normalization
- Describe common attack vectors
- Learn how to identify malicious activity
- Understand the concept of a playbook
- Describe and explain an incident respond handbook
- Define types of SOC Metrics
- Understand SOC Workflow Management system and automation
Register 21 days before class start date and save 10%! Enter discount code EARLY10 during registration.
Register 21 days before class start date and save $250! Enter discount code EARLY250 during registration.
Module 1: SOC Overview
- Lesson 1: Defining the Security Operations Center
- Lesson 2: Understanding NSM Tools and Data
- Lesson 3: Understanding Incident Analysis in a Threat-Centric SOC
- Lesson 4: Identifying Resources for Hunting Cyber Threats
Module 2: Security Incident Investigations
- Lesson 1: Understanding Event Correlation and Normalization
- Lesson 2: Identifying Common Attack Vectors
- Lesson 3: Identifying Malicious Activity
- Lesson 4: Identifying Patterns of Suspicious Behavior
- Lesson 5: Conducting Security Incident Investigations
Module 3: SOC Operations
- Lesson 1: Describing the SOC Playbook
- Lesson 2: Understanding the SOC Metrics
- Lesson 3: Understanding the SOC WMS and Automation
- Lesson 4: Describing the Incident Response Plan
- Lesson 5: Appendix A Describing the Computer Security Incident Response Team
- Lesson 6: Appendix B Understanding the use of VERIS
- Guided Lab 1: Explore Network Security Monitoring Tools
- Discovery 1: Investigate Hacker Methodology
- Discovery 2: Hunt Malicious Traffic
- Discovery 3: Correlate Event Logs, PCAPs, and Alerts of an Attack
- Discovery 4: Investigate Browser-Based Attacks
- Discovery 5: Analyze Suspicious DNS Activity
- Discovery 6: Investigate Suspicious Activity Using Security Onion
- Discovery 7: Investigate Advanced Persistent Threats
- Discovery 8: Explore SOC Playbooks
Is there a discount available for current students?
UMBC students and alumni, as well as students who have previously taken a public training course with UMBC Training Centers are eligible for a 10% discount, capped at $250. Please provide a copy of your UMBC student ID or an unofficial transcript or the name of the UMBC Training Centers course you have completed. Online courses are excluded from this offer.
What is the cancellation and refund policy?
Student will receive a refund of paid registration fees only if UMBC Training Centers receives a notice of cancellation at least 10 business days prior to the class start date for classes or the exam date for exams.