List price (excl. tax): 3.950 € – CLCs accepted

 

Summary

The Implementing Cisco Cybersecurity Operations (SECOPS) v1.0 course gives you foundation-level knowledge of security incident analysis techniques used in a Security Operations Center (SOC). You will learn how to identify and analyze threats and malicious activity, correlate events, conduct security investigations, use incident playbooks, and learn SOC operations and procedures. This is the second of two courses that prepare you for the Cisco® CCNA® Cyber Ops certification. This certification validates your knowledge and hands-on skills to help handle cybersecurity events as an associate-level member of an SOC team.

Today’s cybersecurity professionals need to detect, investigate, and respond to a wide variety of security events. This course will help you gain the skills to play a role in your organization’s SOC detecting and responding to security events.

The United States Department of Defense recognizes Cisco CCNA CyberOps certification as an approved baseline certification in the Information Assurance (IA) Workforce CCSP Incident Responder and CCSP Analyst job categories.

 

Objectives

Upon completion of this course, you will be able to:

  • Define a SOC and the various job roles in a SOC
  • Understand SOC infrastructure tools and systems
  • Learn basic incident analysis for a threat-centric SOC
  • Explore resources available to assist with an investigation
  • Explain basic event correlation and normalization
  • Describe common attack vectors
  • Learn how to identify malicious activity
  • Understand the concept of a playbook
  • Describe and explain an incident response handbook
  • Define types of SOC Metrics
  • Understand SOC Workflow Management system and automation

 

Who is this course for?

  • IT professionals
  • Any learner interested in entering associate-level cybersecurity roles such as:
    • SOC cybersecurity analysts
    • Computer or network defense analysts
    • Computer network defense infrastructure support personnel
    • Future incident responders and SOC personnel
    • Cisco integrators or partners

 

Prerequisites

It is recommended, but not required, to have the following skills and knowledge before attending this course:

  • Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1)
  • Working knowledge of the Windows operating system
  • Working knowledge of Cisco IOS networking and concepts

Course benefits

This course will help you:

  • Learn the fundamental skills that a cybersecurity analyst in a security operations center uses, including threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response
  • Prepare for the Cisco CCNA Cyber Ops certification with hands-on practice using real-life security analysis tools, such as those found in a Linux distribution
  • Qualify for entry-level job roles in the high-demand area of cybersecurity
  • Prepare for the Cisco CCNA Cyber Ops certification, which is one of the DoD Approved 8570 Baseline Certifications, if you are military personnel, a civilian contractor, or anyone else who needs privileged access to DoD systems

Course outline

Module 1: SOC Overview
  • Lesson 1: Defining the Security Operations Center
  • Lesson 2: Understanding NSM Tools and Data
  • Lesson 3: Understanding Incident Analysis in a Threat-Centric SOC
  • Lesson 4: Identifying Resources for Hunting Cyber Threats
Module 2: Security Incident Investigations
  • Lesson 1: Understanding Event Correlation and Normalization
  • Lesson 2: Identifying Common Attack Vectors
  • Lesson 3: Identifying Malicious Activity
  • Lesson 4: Identifying Patterns of Suspicious Behavior
  • Lesson 5: Conducting Security Incident Investigations
Module 3: SOC Operations
  • Lesson 1: Describing the SOC Playbook
  • Lesson 2: Understanding the SOC Metrics
  • Lesson 3: Understanding the SOC WMS and Automation
  • Lesson 4: Describing the Incident Response Plan
  • Lesson 5: Appendix A—Describing the Computer Security Incident Response Team
  • Lesson 6: Appendix B—Understanding the use of VERIS
Lab Outline
  • Guided Lab 1: Explore Network Security Monitoring Tools
  • Discovery 1: Investigate Hacker Methodology
  • Discovery 2: Hunt Malicious Traffic
  • Discovery 3: Correlate Event Logs, PCAPs, and Alerts of an Attack
  • Discovery 4: Investigate Browser-Based Attacks
  • Discovery 5: Analyze Suspicious DNS Activity
  • Discovery 6: Investigate Suspicious Activity Using Security Onion
  • Discovery 7: Investigate Advanced Persistent Threats
  • Discovery 8: Explore SOC Playbooks

Certifications

This exam is the first of the two required exams to achieve the CCNA Cyber Ops certification and is aligned with the job role of an associate-level Security Operations Center (SOC) Security Analyst. The SECFND exam tests candidates' understanding of cybersecurity’s basic principles, foundational knowledge, and core skills needed to grasp the more advanced associate-level materials in the second required exam, “Implementing Cisco Cybersecurity Operations (SECOPS)”.

What's next?

  • 210-255 - SECOPS

This is one of two exams required to achieve the CCNA Cyber Ops certification.
