The Implementing Cisco Cybersecurity Operations (SECOPS) version 1.0 Cisco® Training on Demand course teaches you to understand how a Security Operations Center (SOC) functions and gives you the introductory-level skills and knowledge needed in this environment. You learn core skills for an SOC analyst at the associate level, understanding basic threat analysis and event correlation, identifying malicious activity, and using a playbook for incident response.
In addition, you gain knowledge on identifying resources for hunting cyber threats, common attack vectors, malicious activity, and patterns of suspicious behavior, and on conducting security incident investigations.
The SECOPS v1.0 Training on Demand course is a self-paced course that consists of 15 sections of instructor video and text along with interactive activities, 9 hands-on lab exercises, content review questions, and challenge questions.
This course is designed for SOC security analysts and personnel, computer network defense analysts and infrastructure support personnel, future incident responders, Cisco channel partners, and those preparing for the 210-255 SECOPS exam.
After completing this course, you should be able to:
- Define an SOC and the various job roles in an SOC
- Understand SOC infrastructure tools and systems
- Learn basic incident analysis for a threat-centric SOC
- Explore resources available to assist with an investigation
- Explain basic event correlation and normalization
- Describe common attack vectors
- Learn how to identify malicious activity
- Understand the concept of a playbook
- Describe and explain an incident response handbook
- Define types of SOC metrics
- Understand the SOC workflow management system (WMS) and automation
The knowledge and skills necessary before attending this course are:
- Interconnecting Cisco Networking Devices, Part 1 (ICND1)
- Understanding Cisco Cybersecurity Fundamentals (SECFND)
- Windows operating system
- Cisco IOS® networking and concepts