START DATE   END DATE     PRICE      MODE
01/13/2020   01/17/2020   USD 4095   Live Online
03/09/2020   03/13/2020   USD 4095   Live Online

Implementing Cisco Cybersecurity Operations (SECOPS)

The objective of the course is to teach the key skills required to start a career working as an associate-level cybersecurity analyst in a security operations center.

Module 1: SOC Overview

  • Lesson 1: Defining the Security Operations Center

  • Types of Security Operations Centers

  • SOC Analyst Tools

  • Data Analytics

  • Hybrid Installations: Automated Reports, Anomaly Alerts

  • Adequate Staffing Necessary for an Effective Incident Response Team

  • Roles in a Security Operations Center

  • Create Key Relationships with External Resources

  • Test

  • Lesson 2: Understanding NSM Tools and Data

  • Introduction

  • NSM Tools

  • NSM Data

  • Security Onion

  • Full Packet Capture

  • Session Data

  • Transaction Data

  • Alert Data

  • Other Data Types

  • Correlating NSM Data

  • Test

  • Lesson 3: Understanding Incident Analysis in a Threat-Centric SOC

  • Classic Kill Chain Model Overview

  • Kill Chain Phase 1: Reconnaissance

  • Kill Chain Phase 2: Weaponization

  • Kill Chain Phase 3: Delivery

  • Kill Chain Phase 4: Exploitation

  • Kill Chain Phase 5: Installation

  • Kill Chain Phase 6: Command-and-Control

  • Kill Chain Phase 7: Actions on Objectives

  • Applying the Kill Chain Model

  • Diamond Model Overview

  • Applying the Diamond Model

  • Exploit Kits

  • Test

  • Lesson 4: Identifying Resources for Hunting Cyber Threats

  • Cyber Threat Hunting Concepts

  • Hunting Maturity Model

  • Cyber Threat Hunting Cycle

  • Common Vulnerability Scoring System

  • CVSS v3.0 Scoring

  • CVSS v3.0 Example

  • Hot Threat Dashboard

  • Publicly Available Threat Awareness Resources

  • Other External Threat Intelligence Sources and Feeds Reference

  • Test

Module 2: Security Incident Investigations

  • Lesson 1: Understanding Event Correlation and Normalization

  • Event Sources

  • Evidence

  • Security Data Normalization

  • Event Correlation

  • Other Security Data Manipulation

  • Test

  • Lesson 2: Identifying Common Attack Vectors

  • Obfuscated JavaScript

  • Shellcode and Exploits

  • Common Metasploit Payloads

  • Directory Traversal

  • SQL Injection

  • Cross-Site Scripting

  • Punycode

  • DNS Tunneling

  • Pivoting

  • Test

  • Lesson 3: Identifying Malicious Activity

  • Understanding the Network Design

  • Recognizing Possible Threat Actors

  • Log Data Search

  • NetFlow as a Security Tool

  • DNS Risk and Mitigation Tool

  • Test

  • Lesson 4: Identifying Patterns of Suspicious Behavior

  • Network Baselining

  • Identify Anomalies and Suspicious Behaviors

  • PCAP Analysis

  • Delivery

  • Test

  • Lesson 5: Conducting Security Incident Investigations

  • Security Incident Investigation Procedures

  • Threat Investigation Example: China Chopper Remote Access Trojan

  • Test

Module 3: SOC Operations

  • Lesson 1: Describing the SOC Playbook

  • Security Analytics

  • Playbook Definition

  • What Is in a Play?

  • Playbook Management System

  • Test

  • Lesson 2: Understanding the SOC Metrics

  • Security Data Aggregation

  • Time to Detection

  • Security Controls Detection Effectiveness

  • SOC Metrics

  • Test

  • Lesson 3: Understanding the SOC WMS and Automation

  • SOC WMS Concepts

  • Incident Response Workflow

  • SOC WMS Integration

  • SOC Workflow Automation Example

  • Test

  • Lesson 4: Describing the Incident Response Plan

  • Incident Response Planning

  • Incident Response Life Cycle

  • Incident Response Policy Elements

  • Incident Attack Categories

  • Reference: US-CERT Incident Categories

  • Regulatory Compliance Incident Response Requirements

  • Test

  • Lesson 5: Appendix A—Describing the Computer Security Incident Response Team

  • CSIRT Categories

  • CSIRT Framework

  • CSIRT Incident Handling Services

  • Test

  • Lesson 6: Appendix B—Understanding the Use of VERIS

  • VERIS Overview

  • VERIS Incidents Structure

  • VERIS 4 A's

  • VERIS Records

  • VERIS Community Database

  • Verizon Data Breach Investigations Report and Cisco Annual Security Report

  • Test

LABS

  • Guided Lab 1: Explore Network Security Monitoring Tools

  • Discovery 1: Investigate Hacker Methodology

  • Discovery 2: Hunt Malicious Traffic

  • Discovery 3: Correlate Event Logs, PCAPs, and Alerts of an Attack

  • Discovery 4: Investigate Browser-Based Attacks

  • Discovery 5: Analyze Suspicious DNS Activity

  • Discovery 6: Investigate Suspicious Activity Using Security Onion

  • Discovery 7: Investigate Advanced Persistent Threats

  • Discovery 8: Explore SOC Playbooks

It is strongly recommended, but not required, that students have the following knowledge and skills:

  • Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1)

  • Working knowledge of the Windows operating system

  • Working knowledge of Cisco IOS networking and concepts

