About Education
The “Implementing Cisco Cybersecurity Operations (SECOPS)” v1.0 course provides you with a foundational understanding of security incident analysis techniques used in a Security Operations Center (SOC). You will learn to identify threats and malicious activities, correlate incidents, perform security reviews, use incident scenarios, and learn SOC operations and procedures. This is the second of two courses that prepare you for the Cisco® CCNA® Cyber Ops certification. This certification validates your knowledge and hands-on skills to help you address cybersecurity incidents as a mid-level member of a SOC team.
Today's cyber security professionals need to detect, investigate and respond to a wide range of security incidents. This course will help you gain the skills needed to play a role in detecting and responding to security incidents in your organisation's SOC.
Prerequisites
- Basic network knowledge
- Familiarity with basic cybersecurity concepts
- Completion of ‘Introduction to Cybersecurity’ or a similar entry-level cyber security course
Duration of Training
- Training with an instructor: 5 days, with practical laboratory work
- Virtual instructor-led training: 5 days, with web-based lessons and hands-on lab work
Who Should Participate?
- IT Professionals
- All students looking to enter mid-level cybersecurity roles such as:
- SOC cybersecurity analysts
- Computer or network defense analysts
- Computer network defense infrastructure support personnel
- Future incident response teams and SOC personnel
- Cisco integrators or partners
Educational Content
- SOC Overview
- Defining the Security Operations Center
- Understanding NSM Tools and Data
- Understanding Incident Analysis in a Threat-Focused SOC
- Identifying Resources to Hunt Cyber Threats
- Security Incident Investigations
- Understanding Event Correlation and Normalization
- Identifying Common Attack Vectors
- Identifying Harmful Activities
- Identifying Suspicious Behavior Patterns
- Conducting Security Incident Investigations
- SOC Operations
- Explaining the SOC Scenario
- Understanding SOC Metrics
- Understanding SOC WMS and Automation
- Explaining the Incident Response Plan
- Appendix A – Describing the Computer Security Incident Response Team
- Appendix B – Understanding the use of VERIS
What You Will Gain at the End of Training
- Explain the three common types of SOCs, the tools used by SOC analysts, job roles within a SOC, and incident analysis within a threat-focused SOC.
- Explain security incident investigations, including event correlation and normalization, and common attack vectors to identify malicious and suspicious activities.
- Explain the use of a SOC scenario to assist in investigations, the use of metrics to measure SOC effectiveness, the use of a SOC workflow management system and automation to increase SOC efficiency, and the concepts of an incident response plan.
