
Course Status

Registration Open

Duration

6 Days, 42 Hours

Timing

9:00 AM - 04:00 PM

Availability

Weekdays - Weekends

Course Overview

SECOPS is the foundation-level course that offers the knowledge and skills to understand how a Security Operations Center (SOC) functions. You will learn basic threat analysis and event correlation, how to identify malicious activity, and how to use a playbook for incident response. You will also gain knowledge on identifying resources for hunting cyber threats, common attack vectors, malicious activity, and patterns of suspicious behavior, and on conducting security incident investigations.

Learning Outcome

Upon completion of the SECOPS course, you should be able to:

  • Describe a typical Security Operations Center (SOC)
  • Use Network Security Monitoring (NSM) tools and data to conduct basic incident analysis within a threat-centric SOC environment
  • Identify common external resources used by analysts to hunt for cybersecurity threats
  • Discuss basic event normalization concepts
  • Perform basic event correlation
  • Identify common attack vectors, malicious activities, and patterns of suspicious behavior
  • Describe the use of a playbook to assist with incident investigation in a SOC
  • Describe the common metrics used to measure SOC effectiveness
  • Describe the use of a workflow automation system to optimize SOC operations
  • Describe the components of a typical Incident Response Plan
  • Describe the types and the responsibilities of the Computer Security Incident Response Team (CSIRT)
  • Discuss the use of VERIS to document security incidents

Prerequisite

  • Must have completed CCNA Routing and Switching Course

Course Content

  • Describing the Security Operations Center
  • Understanding Network Security Monitoring Tools and Data
  • Understanding Incident Analysis in a Threat-Centric SOC
  • Identifying Resources for Hunting Cyber Threats
  • Understanding Event Correlation and Normalization
  • Identifying Common Attack Vectors
  • Identifying Malicious Activity
  • Identifying Patterns of Suspicious Behavior
  • Conducting Security Incident Investigations
  • Describing the SOC Playbook and Metrics
  • Understanding the SOC Workflow Management System (WMS) and Automation
  • Describing the Incident Response Plan
  • Describing the Computer Security Incident Response Team
