This course allows learners to understand how a Security Operations Center (SOC) functions and the introductory-level skills and knowledge needed in this environment. It focuses on the introductory-level skills needed for a SOC Analyst at the associate level: specifically, understanding basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response.
Instructor did a great job. From experience, this subject can be a bit dry to teach, but he was able to keep it very engaging and made it much easier to focus.
Excellent presentation skills, subject matter knowledge, and command of the environment.
Instructor was outstanding. Knowledgeable, presented well, and class timing was perfect.
It is strongly recommended, but not required, that students have the following knowledge and skills:
- Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1)
- Working knowledge of the Windows operating system
- Working knowledge of Cisco IOS networking and concepts
- Understanding Cisco Cybersecurity Fundamentals (SECFND)
Detailed Class Syllabus
Module 1: SOC Overview
Lesson 1: Defining the Security Operations Center
Lesson 2: Understanding NSM Tools and Data
Lesson 3: Understanding Incident Analysis in a Threat-Centric SOC
Lesson 4: Identifying Resources for Hunting Cyber Threats
Module 2: Security Incident Investigations
Lesson 1: Understanding Event Correlation and Normalization
Lesson 2: Identifying Common Attack Vectors
Lesson 3: Identifying Malicious Activity
Lesson 4: Identifying Patterns of Suspicious Behavior
Lesson 5: Conducting Security Incident Investigations
Module 3: SOC Operations
Lesson 1: Describing the SOC Playbook
Lesson 2: Understanding the SOC Metrics
Lesson 3: Understanding the SOC WMS and Automation
Lesson 4: Describing the Incident Response Plan
Lesson 5: Appendix A—Describing the Computer Security Incident Response Team
Lesson 6: Appendix B—Understanding the use of VERIS