1­-855­-778­-7246
> > > SECOPS

Implementing Cisco Cybersecurity Operations (SECOPS)

 

Course Content

Today's organizations are challenged with rapidly detecting cybersecurity breaches and effectively responding to security incidents. Teams of people in Security Operations Centers (SOC’s) keep a vigilant eye on security systems, protecting their organizations by detecting and responding to cybersecurity threats. CCNA Cyber Ops prepares candidates to begin a career working with associate-level cybersecurity analysts within security operations centers.

This course allows learners to understand how a Security Operations Center (SOC) functions and the introductory-level skills and knowledge needed in this environment. It focuses on the introductory-level skills needed for a SOC Analyst at the associate level. Specifically, understanding basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response.

Exam Description

  • 210-255 SECOPS

This exam is the second of the two required exams in achieving the associate-level CCNA Cyber Ops certification and prepares candidates to begin a career within a Security Operations Center (SOC), working with Cybersecurity Analysts at the associate level. The SECFND exam tests a candidate's knowledge and skills needed to successfully handle the tasks, duties, and responsibilities of an associate-level Security Analyst working in a SOC.

Who should attend

  • Security Operations Center – Security Analyst
  • Computer/Network Defense Analysts
  • Computer Network Defense Infrastructure Support Personnel
  • Future Incident Responders and Security Operations Center (SOC) personnel.
  • Students beginning a career, entering the cybersecurity field.
  • Cisco Channel Partners

Certifications

This course is part of the following Certifications:

Prerequisites

It is highly recommended to have the following skills and knowledge before attending this course:

  • Skills and knowledge equivalent to those learned in !CI-ICND1
  • Working knowledge of the Windows operating system
  • Working knowledge of Cisco IOS networking and concepts

Course Objectives

Upon completion of this course, you will be able to:

  • Define a SOC and the various job roles in a SOC
  • Understand SOC infrastructure tools and systems
  • Learn basic incident analysis for a threat centric SOC
  • Explore resources available to assist with an investigation
  • Explain basic event correlation and normalization
  • Describe common attack vectors
  • Learn how to identifying malicious activity
  • Understand the concept of a playbook
  • Describe and explain an incident respond handbook
  • Define types of SOC Metrics
  • Understand SOC Workflow Management system and automation

Outline: Implementing Cisco Cybersecurity Operations (SECOPS)

Module 1: SOC Overview

  • Lesson 1: Defining the Security Operations Center
  • Lesson 2: Understanding NSM Tools and Data
  • Lesson 3: Understanding Incident Analysis in a Threat-Centric SOC
  • Lesson 4: Identifying Resources for Hunting Cyber Threats

Module 2: Security Incident Investigations

  • Lesson 1: Understanding Event Correlation and Normalization
  • Lesson 2: Identifying Common Attack Vectors
  • Lesson 3: Identifying Malicious Activity
  • Lesson 4: Identifying Patterns of Suspicious Behavior
  • Lesson 5: Conducting Security Incident Investigations

Module 3: SOC Operations

  • Lesson 1: Describing the SOC Playbook
  • Lesson 2: Understanding the SOC Metrics
  • Lesson 3: Understanding the SOC WMS and Automation
  • Lesson 4: Describing the Incident Response Plan
  • Lesson 5: Appendix A—Describing the Computer Security Incident Response Team
  • Lesson 6: Appendix B—Understanding the use of VERIS

Labs:

  • Guided Lab 1: Explore Network Security Monitoring Tools
  • Discovery 1: Investigate Hacker Methodology
  • Discovery 2: Hunt Malicious Traffic
  • Discovery 3: Correlate Event Logs, PCAPs, and Alerts of an Attack
  • Discovery 4: Investigate Browser-Based Attacks
  • Discovery 5: Analyze Suspicious DNS Activity
  • Discovery 6: Investigate Suspicious Activity Using Security Onion
  • Discovery 7: Investigate Advanced Persistent Threats
  • Discovery 8: Explore SOC Playbooks
Classroom Training

Duration 5 days

Price
  • United States: US$ 4,295
  • Cisco Learning Credits: 43 CLC
Online Training

Duration 5 days

Price
  • United States: US$ 4,295
  • Cisco Learning Credits: 43 CLC
E-Learning Cisco Digital Learning

Duration 360 days

Price
  • United States: US$ 1,500
  • Cisco Learning Credits: 15 CLC
Buy E-Learning
 
Click City Name To Book Schedule
This is an Instructor-Led Classroom course
This is an Instructor-Led Online (ILO) course. These sessions are conducted via WebEx in a VoIP environment and require an Internet Connection and headset with microphone connected to your computer or laptop.
This is a FLEX course, which is delivered simultaneously in two modalities. Choose to attend the Instructor-Led Online (ILO) virtual session or Instructor-Led Classroom (ILT) session.
  *   This class is delivered by a partner.
United States
Mar 9-13, 2020 Campbell, CA 09:00 US/Pacific * Enroll
Mar 9-13, 2020 Online Training 09:00 US/Central * Enroll

Fast Lane Flex™ Classroom If you can't find a suitable date, don't forget to check our world-wide FLEX™ training schedule.

Europe
France
May 11-15, 2020 Paris Enroll
Italy
Apr 6-10, 2020 Rome Enroll
Jul 13-17, 2020 Milan Enroll
Sep 14-18, 2020 Rome Enroll
Oct 12-16, 2020 Milan Enroll
Nov 16-20, 2020 Rome Enroll
Portugal
Jun 29-Jul 3, 2020 Lisbon Enroll
Nov 23-27, 2020 Lisbon Enroll
Spain
Jun 22-26, 2020 Madrid Enroll
Nov 16-20, 2020 Madrid Enroll
United Kingdom
Mar 30-Apr 3, 2020 This is a FLEX event London, City Enroll
Online Training Time zone: Europe/London Enroll
Jul 13-17, 2020 This is a FLEX event London, City Enroll
Online Training Time zone: Europe/London Enroll
Nov 9-13, 2020 This is a FLEX event London, City Enroll
Online Training Time zone: Europe/London Enroll
Middle East
United Arab Emirates
Mar 15-19, 2020 Dubai Course language: English This course is being delivered by iTLS. Enroll
Sep 20-24, 2020 Dubai Course language: English This course is being delivered by iTLS. Enroll
Africa
Egypt
Apr 5-9, 2020 Cairo Course language: English Enroll
Sep 27-Oct 1, 2020 Cairo Course language: English Enroll