Cisco® Implementing Cisco® Cybersecurity Operations v1.0 (SECOPS)

The Implementing Cisco Cybersecurity Operations (SECOPS) v1.0 course gives you foundation-level knowledge of security incident analysis techniques used in a Security Operations Center (SOC). You will learn how to identify and analyze threats and malicious activity, correlate events, conduct security investigations, and use incident playbooks, and you will learn SOC operations and procedures. This course prepares you for the 210-255 SECOPS exam, one of the two exams for the current Cisco Certified Cyber-Ops Associate certification. This certification validates your knowledge and hands-on skills to help handle cybersecurity events as an associate-level member of an SOC team.

Today’s cybersecurity professionals need to detect, investigate, and respond to a wide variety of security events. This course will help you gain the skills to play a role in your organization’s SOC, detecting and responding to security events. The United States Department of Defense recognizes the Cisco CCNA Cyber-Ops (now called Cisco Certified Cyber-Ops Associate) certification as an approved baseline certification in the Information Assurance (IA) Workforce CCSP Incident Responder and CCSP Analyst job categories.

Learning Objectives

After taking this course, you should be able to:

  • Describe the three common SOC types, tools used by SOC analysts, job roles within the SOC, and incident analysis within a threat-centric SOC
  • Explain security incident investigations, including event correlation and normalization and common attack vectors, and be able to identify malicious and suspicious activities
  • Explain the use of an SOC playbook to assist with investigations, the use of metrics to measure the effectiveness of the SOC, the use of an SOC workflow management system and automation to improve SOC efficiency, and the concepts of an incident response plan

     

    Course Details

    Course Outline

    1 - SOC Overview
  • Defining the Security Operations Center
  • Understanding NSM Tools and Data
  • Understanding Incident Analysis in a Threat-Centric SOC
  • Identifying Resources for Hunting Cyber Threats

    2 - Security Incident Investigations
  • Understanding Event Correlation and Normalization
  • Identifying Common Attack Vectors
  • Identifying Malicious Activity
  • Identifying Patterns of Suspicious Behavior
  • Conducting Security Incident Investigations

    3 - SOC Operations
  • Describing the SOC Playbook
  • Understanding the SOC Metrics
  • Understanding the SOC WMS and Automation
  • Describing the Incident Response Plan
  • Appendix A—Describing the Computer Security Incident Response Team
  • Appendix B—Understanding the use of VERIS

    4 - Lab Outline
  • Explore Network Security Monitoring Tools
  • Investigate Hacker Methodology
  • Hunt Malicious Traffic
  • Correlate Event Logs, PCAPs, and Alerts of an Attack
  • Investigate Browser-Based Attacks
  • Analyze Suspicious DNS Activity
  • Investigate Suspicious Activity Using Security Onion
  • Investigate Advanced Persistent Threats
  • Explore SOC Playbooks

    Actual course outline may vary depending on offering center. Contact your sales representative for more information.

    Who is it For?

    Target Audience

    IT professionals

    Any learner interested in entering associate-level cyber security roles such as:

    SOC cybersecurity analysts

    Computer or network defense analysts

    Computer network defense infrastructure support personnel

    Future incident responders and SOC personnel

    Cisco integrators or partners

    Prerequisites

    Other Prerequisites

    To fully benefit from this course, you should first complete the following course or obtain the equivalent knowledge and skills:

    Understanding Cisco Cybersecurity Fundamentals (SECFND)

    This course is CLC-Eligible
    Course Length: 5 Days (40 Hours)
