SECOPS Training

The Implementing Cisco Cybersecurity Operations (SECOPS) v1.0 course teaches learners how a Security Operations Center (SOC) functions and the introductory-level skills and knowledge needed in this environment. It focuses on the introductory-level skills needed for a SOC Analyst at the associate level: understanding basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response. Students obtain the core skills needed to grasp the associate-level material in the 210-255 (SECOPS) exam, which, when combined with passing the 210-250 SECFND exam, leads to the CCNA Cyber Ops certification.

Exam Number: 210-255
Exam Name: SECOPS
Certifications: CCNA Cyber Ops

Upcoming Dates

Class Date  Class Hours  Location  GTR  Price
Date Range  Date Range  Live Online  $4295.00
Date Range  Date Range  Live Online  $3695.00
Date Range  Date Range  Live Online  $3595.00
Date Range  Date Range  Live Online  $3695.00
Date Range  Date Range  Live Online  $3695.00
Date Range  Date Range  Live Online  $4295.00
Date Range  Date Range  Overland Park, KS  $4295.00
Date Range  Date Range  Chicago (Rosemont), IL  $4295.00
Date Range  Date Range  Live Online  $4295.00
Date Range  Date Range  Live Online  $3695.00

Prerequisites

  • Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1) and SECFND

What's Included

  • Comprehensive study materials, including official Cisco courseware
  • Remote lab access

Course Objectives

After completing this course, you will be able to:

  • Define a SOC and the various job roles in a SOC
  • Understand SOC infrastructure tools and systems
  • Learn basic incident analysis for a threat-centric SOC
  • Explore resources available to assist with an investigation
  • Explain basic event correlation and normalization
  • Describe common attack vectors
  • Learn how to identify malicious activity
  • Understand the concept of a playbook
  • Describe and explain an incident response handbook
  • Define types of SOC metrics
  • Understand the SOC Workflow Management System and automation

Course Outline

Module 1: SOC Overview

  • Lesson 1: Defining the Security Operations Center
  • Lesson 2: Understanding NSM Tools and Data
  • Lesson 3: Understanding Incident Analysis in a Threat-Centric SOC
  • Lesson 4: Identifying Resources for Hunting Cyber Threats

Module 2: Security Incident Investigations

  • Lesson 1: Understanding Event Correlation and Normalization
  • Lesson 2: Identifying Common Attack Vectors
  • Lesson 3: Identifying Malicious Activity
  • Lesson 4: Identifying Patterns of Suspicious Behavior
  • Lesson 5: Conducting Security Incident Investigations

Module 3: SOC Operations

  • Lesson 1: Describing the SOC Playbook
  • Lesson 2: Understanding the SOC Metrics
  • Lesson 3: Understanding the SOC WMS and Automation
  • Lesson 4: Describing the Incident Response Plan
  • Lesson 5: Appendix A—Describing the Computer Security Incident Response Team
  • Lesson 6: Appendix B—Understanding the Use of VERIS

Labs

  • Lab 1: Explore Network Security Monitoring Tools
  • Discovery 1: Investigate Hacker Methodology
  • Discovery 2: Hunt Malicious Traffic
  • Discovery 3: Correlate Event Logs, PCAPs, and Alerts of an Attack
  • Discovery 4: Investigate Browser-Based Attacks
  • Discovery 5: Analyze Suspicious DNS Activity
  • Discovery 6: Investigate Suspicious Activity Using Security Onion
  • Discovery 7: Investigate Advanced Persistent Threats
  • Discovery 8: Explore SOC Playbooks