> > > SECOPS

Implementing Cisco Cybersecurity Operations (SECOPS)

Course Description Schedule Course Outline
 

Course Content

Today's organizations are challenged with rapidly detecting cybersecurity breaches and effectively responding to security incidents. Teams of people in Security Operations Centers (SOC’s) keep a vigilant eye on security systems, protecting their organizations by detecting and responding to cybersecurity threats. CCNA Cyber Ops prepares candidates to begin a career working with associate-level cybersecurity analysts within security operations centers.

This course allows learners to understand how a Security Operations Center (SOC) functions and the introductory-level skills and knowledge needed in this environment. It focuses on the introductory-level skills needed for a SOC Analyst at the associate level. Specifically, understanding basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response.

Exam Description

  • 210-255 SECOPS

This exam is the second of the two required exams in achieving the associate-level CCNA Cyber Ops certification and prepares candidates to begin a career within a Security Operations Center (SOC), working with Cybersecurity Analysts at the associate level. The SECFND exam tests a candidate's knowledge and skills needed to successfully handle the tasks, duties, and responsibilities of an associate-level Security Analyst working in a SOC.

Who should attend

  • Security Operations Center – Security Analyst
  • Computer/Network Defense Analysts
  • Computer Network Defense Infrastructure Support Personnel
  • Future Incident Responders and Security Operations Center (SOC) personnel.
  • Students beginning a career, entering the cybersecurity field.
  • Cisco Channel Partners

Certifications

This course is part of the following Certifications:

Prerequisites

It is highly recommended to have the following skills and knowledge before attending this course:

Course Objectives

Upon completion of this course, you will be able to:

  • Define a SOC and the various job roles in a SOC
  • Understand SOC infrastructure tools and systems
  • Learn basic incident analysis for a threat centric SOC
  • Explore resources available to assist with an investigation
  • Explain basic event correlation and normalization
  • Describe common attack vectors
  • Learn how to identifying malicious activity
  • Understand the concept of a playbook
  • Describe and explain an incident respond handbook
  • Define types of SOC Metrics
  • Understand SOC Workflow Management system and automation

Outline: Implementing Cisco Cybersecurity Operations (SECOPS)

Module 1: SOC Overview

  • Lesson 1: Defining the Security Operations Center
  • Lesson 2: Understanding NSM Tools and Data
  • Lesson 3: Understanding Incident Analysis in a Threat-Centric SOC
  • Lesson 4: Identifying Resources for Hunting Cyber Threats

Module 2: Security Incident Investigations

  • Lesson 1: Understanding Event Correlation and Normalization
  • Lesson 2: Identifying Common Attack Vectors
  • Lesson 3: Identifying Malicious Activity
  • Lesson 4: Identifying Patterns of Suspicious Behavior
  • Lesson 5: Conducting Security Incident Investigations

Module 3: SOC Operations

  • Lesson 1: Describing the SOC Playbook
  • Lesson 2: Understanding the SOC Metrics
  • Lesson 3: Understanding the SOC WMS and Automation
  • Lesson 4: Describing the Incident Response Plan
  • Lesson 5: Appendix A—Describing the Computer Security Incident Response Team
  • Lesson 6: Appendix B—Understanding the use of VERIS

Labs:

  • Guided Lab 1: Explore Network Security Monitoring Tools
  • Discovery 1: Investigate Hacker Methodology
  • Discovery 2: Hunt Malicious Traffic
  • Discovery 3: Correlate Event Logs, PCAPs, and Alerts of an Attack
  • Discovery 4: Investigate Browser-Based Attacks
  • Discovery 5: Analyze Suspicious DNS Activity
  • Discovery 6: Investigate Suspicious Activity Using Security Onion
  • Discovery 7: Investigate Advanced Persistent Threats
  • Discovery 8: Explore SOC Playbooks
Classroom Training
Modality: C

Duration 5 days

Price
  • United States: US$ 4,295
  • Cisco Learning Credits: 43 CLC
Enroll now
Online Training
Modality: L

Duration 5 days

Price
  • United States: US$ 4,295
  • Cisco Learning Credits: 43 CLC
Enroll now
E-Learning Cisco Digital Learning
Modality: P
Price
  • United States: US$ 1,495
  • Cisco Learning Credits: 15 CLC
Buy E-Learning
 
Click City Name To Book Schedule
This is an Instructor-Led Classroom course
This is an Instructor-Led Online (ILO) course. These sessions are conducted via WebEx in a VoIP environment and require an Internet Connection and headset with microphone connected to your computer or laptop.
This is a FLEX course, which is delivered simultaneously in two modalities. Choose to attend the Instructor-Led Online (ILO) virtual session or Instructor-Led Classroom (ILT) session.
  *   This class is delivered by a partner.
United States
Nov 26-30, 2018 Rosemount, IL 09:00 US/Central * Enroll
Nov 26-30, 2018 Online Training 09:00 US/Central * Enroll
Dec 17-21, 2018 Online Training 09:00 US/Central * Enroll
Europe
Germany
Jan 21-25, 2019 Hamburg Enroll
Feb 11-15, 2019 Düsseldorf Enroll
Mar 18-22, 2019 Hamburg Enroll
Apr 8-12, 2019 Stuttgart Enroll
May 13-17, 2019 Munich Enroll
Jun 17-21, 2019 Berlin Enroll
Jul 1-5, 2019 Hamburg Enroll
Aug 5-9, 2019 Düsseldorf Enroll
Sep 9-13, 2019 Frankfurt Enroll
Oct 7-11, 2019 Stuttgart Enroll
Austria
Apr 8-12, 2019 Vienna (iTLS) Enroll
Jul 29-Aug 2, 2019 Vienna (iTLS) Enroll
Bulgaria
Oct 14-18, 2019 This is a FLEX event Sofia Course language: English Enroll
Online Training Time zone: Europe/Sofia Enroll
France
Jun 3-7, 2019 Paris Enroll
Dec 16-20, 2019 Paris Enroll
Hungary
Dec 2-6, 2019 This is a FLEX event Budapest Course language: English Enroll
Online Training Time zone: Europe/Budapest Enroll
Italy
Mar 4-8, 2019 Rome Enroll
May 20-24, 2019 Milan Enroll
Jun 24-28, 2019 Rome Enroll
Jul 29-Aug 2, 2019 Milan Enroll
Oct 14-18, 2019 Rome Enroll
Dec 16-20, 2019 Milan Enroll
Portugal
Feb 18-22, 2019 Lisbon Enroll
Jul 1-5, 2019 Lisbon Enroll
Sep 2-6, 2019 Lisbon Enroll
Nov 25-29, 2019 Lisbon Enroll
Romania
Apr 8-12, 2019 This is a FLEX event Bucharest Course language: English Enroll
Online Training Time zone: Europe/Bucharest Enroll
Slovenia
Sep 2-6, 2019 This is a FLEX event Ljubljana Course language: English Enroll
Online Training Time zone: Europe/Ljubljana Enroll
Spain
Feb 11-15, 2019 Madrid Enroll
Jun 10-14, 2019 Madrid Enroll
Aug 26-30, 2019 Madrid Enroll
Nov 18-22, 2019 Madrid Enroll
Switzerland
Feb 25-Mar 1, 2019 Zurich Enroll
Aug 19-23, 2019 Zurich Enroll
Turkey
Jan 28-Feb 1, 2019 This is a FLEX event Istanbul Course language: English Enroll
Online Training Time zone: Asia/Istanbul Enroll
United Kingdom
Dec 17-21, 2018 This is a FLEX event London, City
Online Training Time zone: Europe/London
Mar 18-22, 2019 This is a FLEX event London, City Enroll
Online Training Time zone: Europe/London Enroll
Jul 15-19, 2019 This is a FLEX event London, City Enroll
Online Training Time zone: Europe/London Enroll
Latin America
Chile
Feb 18-22, 2019 Online Training Time zone: America/Santiago Enroll
Aug 26-30, 2019 Online Training Time zone: America/Santiago Enroll
Colombia
Apr 1-5, 2019 Online Training Time zone: America/Bogota Enroll
Sep 2-6, 2019 Online Training Time zone: America/Bogota Enroll
Peru
Feb 11-15, 2019 Online Training Time zone: America/Lima Course language: Spanish Enroll
Jun 10-14, 2019 Online Training Time zone: America/Lima Course language: Spanish Enroll
Nov 4-8, 2019 Online Training Time zone: America/Lima Course language: Spanish Enroll
Asia Pacific
Australia
Jan 7-11, 2019 Sydney Enroll
Middle East
Qatar
Dec 15-19, 2019 Doha Course language: English Enroll
United Arab Emirates
Jun 16-20, 2019 Dubai Course language: English This course is being delivered by iTLS. Enroll
Dec 15-19, 2019 Dubai Course language: English This course is being delivered by iTLS. Enroll
Africa
Egypt
Jun 16-20, 2019 Cairo Course language: English Enroll
Dec 15-19, 2019 Cairo Course language: English Enroll