Implementing Cisco Cybersecurity Operations - (SECOPS) (Newly Released)

Implementing Cisco Cybersecurity Operations - (SECOPS) Course Description

Duration: 5.00 days (40 hours)

Learn how a Security Operations Center (SOC) functions and gain the introductory-level skills and knowledge required for success. Students obtain the core skills needed to grasp the associate-level material in the 210-255 exam “Implementing Cisco Cybersecurity Operations (SECOPS),” which, when combined with passing the 210-250 SECFND exam, leads to the CCNA Cyber Ops certification.

Next Class Dates

Jan 22, 2018 – Jan 26, 2018
9:00 AM – 5:00 PM CT
519 8th Avenue, 2nd Floor, New York, NY 10018

Feb 26, 2018 – Mar 2, 2018
9:00 AM – 5:00 PM CT
519 8th Avenue, 2nd Floor, New York, NY 10018

Mar 26, 2018 – Mar 30, 2018
9:00 AM – 5:00 PM CT
519 8th Avenue, 2nd Floor, New York, NY 10018

Apr 23, 2018 – Apr 27, 2018
9:00 AM – 5:00 PM CT
519 8th Avenue, 2nd Floor, New York, NY 10018

Contact us to customize this class with your own dates, times and location. You can also call 1-888-563-8266 or chat live with a Learning Consultant.

Intended Audience for this Implementing Cisco Cybersecurity Operations - (SECOPS) Course

  • Security Operations Center Security Analyst
  • Computer Network Defense Analyst
  • Computer Network Defense Infrastructure Support personnel
  • Future Incident Responders and Security Operations Center (SOC) personnel
  • Students beginning a career and entering the cybersecurity field
  • IT personnel looking to learn more about the area of cybersecurity operations
  • Cisco Channel Partners

Implementing Cisco Cybersecurity Operations - (SECOPS) Course Objectives

  • The goal of the course is to teach the fundamental skills required to begin a career working as an associate-level cybersecurity analyst in a security operations center.

Implementing Cisco Cybersecurity Operations - (SECOPS) Course Outline

      1. SOC Overview
        1. Defining the Security Operations Center
          1. Types of Security Operations Centers
          2. SOC Analyst Tools
          3. Data Analytics
          4. Hybrid Installations: Automated Reports, Anomaly Alerts
          5. Sufficient Staffing Necessary for an Effective Incident Response Team
          6. Roles in a Security Operations Center
          7. Develop Key Relationships with External Resources
          8. Challenge
        2. Understanding NSM Tools and Data
          1. Introduction
          2. NSM Tools
          3. NSM Data
          4. Security Onion
          5. Full Packet Capture
          6. Session Data
          7. Transaction Data
          8. Alert Data
          9. Other Data Types
          10. Correlating NSM Data
          11. Challenge
        3. Understanding Incident Analysis in a Threat-Centric SOC
          1. Classic Kill Chain Model Overview
          2. Kill Chain Phase 1: Reconnaissance
          3. Kill Chain Phase 2: Weaponization
          4. Kill Chain Phase 3: Delivery
          5. Kill Chain Phase 4: Exploitation
          6. Kill Chain Phase 5: Installation
          7. Kill Chain Phase 6: Command-and-Control
          8. Kill Chain Phase 7: Actions on Objectives
          9. Applying the Kill Chain Model
          10. Diamond Model Overview
          11. Applying the Diamond Model
          12. Exploit Kits
          13. Challenge
        4. Identifying Resources for Hunting Cyber Threats
          1. Cyber-Threat Hunting Concepts
          2. Hunting Maturity Model
          3. Cyber-Threat Hunting Cycle
          4. Common Vulnerability Scoring System
          5. CVSS v3.0 Scoring
          6. CVSS v3.0 Example
          7. Hot Threat Dashboard
          8. Publicly Available Threat Awareness Resources
          9. Other External Threat Intelligence Sources and Feeds Reference
          10. Challenge
      2. Security Incident Investigations
        1. Understanding Event Correlation and Normalization
          1. Event Sources
          2. Evidence
          3. Security Data Normalization
          4. Event Correlation
          5. Other Security Data Manipulation
          6. Challenge
        2. Identifying Common Attack Vectors
          1. Obfuscated JavaScript
          2. Shellcode and Exploits
          3. Common Metasploit Payloads
          4. Directory Traversal
          5. SQL Injection
          6. Cross-Site Scripting
          7. Punycode
          8. DNS Tunneling
          9. Pivoting
          10. Challenge
        3. Identifying Malicious Activity
          1. Understanding the Network Design
          2. Identifying Possible Threat Actors
          3. Log Data Search
          4. NetFlow as a Security Tool
          5. DNS Risk and Mitigation Tool
          6. Challenge
        4. Identifying Patterns of Suspicious Behavior
          1. Network Baselining
          2. Identify Anomalies and Suspicious Behaviors
          3. PCAP Analysis
          4. Delivery
          5. Challenge
        5. Conducting Security Incident Investigations
          1. Security Incident Investigation Procedures
          2. Threat Investigation Example: China Chopper Remote Access Trojan
          3. Challenge
      3. SOC Operations
        1. Describing the SOC Playbook
          1. Security Analytics
          2. Playbook Definition
          3. What Is in a Play?
          4. Playbook Management System
          5. Challenge
        2. Understanding the SOC Metrics
          1. Security Data Aggregation
          2. Time to Detection
          3. Security Controls Detection Effectiveness
          4. SOC Metrics
          5. Challenge
        3. Understanding the SOC WMS and Automation
          1. SOC WMS Concepts
          2. Incident Response Workflow
          3. SOC WMS Integration
          4. SOC Workflow Automation Example
          5. Challenge
        4. Describing the Incident Response Plan
          1. Incident Response Planning
          2. Incident Response Life Cycle
          3. Incident Response Policy Elements
          4. Incident Attack Categories
          5. Reference: US-CERT Incident Categories
          6. Regulatory Compliance Incident Response Requirements
          7. Challenge
        5. LABS
          1. Lab 1: Explore Network Security Monitoring Tools
            1. Investigate Hacker Methodology
            2. Hunt Malicious Traffic
            3. Correlate Event Logs, PCAPs, and Alerts of an Attack
            4. Investigate Browser-Based Attacks
            5. Analyze Suspicious DNS Activity
            6. Investigate Suspicious Activity Using Security Onion
            7. Investigate Advanced Persistent Threats
            8. Explore SOC Playbooks

This training prepares students for the following exam(s):

  • 210-255 SECOPS: Implementing Cisco Cybersecurity Operations

Do you have the right background for Implementing Cisco Cybersecurity Operations - (SECOPS)?

Skills Assessment

We ensure your success by asking all students to take a FREE Skill Assessment test. These short, instructor-written tests are an objective measure of your current skills that help us determine whether or not you will be able to meet your goals by attending this course at your current skill level. If we determine that you need additional preparation or training in order to gain the most value from this course, we will recommend cost-effective solutions that you can use to get ready for the course.

Our required skill-assessments ensure that:

  1. All students in the class are at a comparable skill level, so the class can run smoothly without beginners slowing down the class for everyone else.
  2. NetCom students enjoy one of the industry's highest success rates, and pass rates when a certification exam is involved.
  3. We stay committed to providing you real value. Again, your success is paramount; we will register you only if you have the skills to succeed.
This assessment is for your benefit and best taken without any preparation or reference materials, so your skills can be objectively measured.

Award-winning, world-class instructors

David M.
- Networking expert with several Cisco certifications, including CCENT, CCNA, CCDA, CCSI, and CCVP.
- Has taught over 90 courses at NetCom Learning.
- Average rating of 8.75 out of 9 on student evaluation reports.

Bio:

David has been in the Networking field for the past eleven years and holds several Cisco certifications. He has been an instructor since 2005 and has taught over 90 courses at NetCom Learning.

David is an extremely enthusiastic trainer with a raw passion for teaching and delivering Cisco information. He takes great pride in his career as an instructor, which has led him to develop and deliver the class in his own unique way: very professional and knowledgeable, yet pleasant and enjoyable. His classes have a high passing rate for students taking certification exams, and he averages 8.75 out of 9 on evaluation reports.

Michael G.
- Over 22 years of professional experience in the IT field, including more than a decade as a Certified Trainer.
- An expert in Cisco's Routing, Switching, Security, Voice and Wireless areas, as well as select Microsoft, Novell, CompTIA, Sun and CWNP courses.
- Highly skilled and acclaimed instructor. Has trained over 900 students at NetCom Learning.

Bio:

Michael has over 22 years of professional experience in the IT field, including more than a decade as a Certified Trainer. An expert in Cisco's Routing, Switching, Security, Voice and Wireless areas, Michael also teaches select Microsoft, Novell, CompTIA, Sun and CWNP courses.

Michael's dedication and passion for teaching are unmatched. He has trained over 900 students at NetCom Learning since 2006, and his evaluation scores average 8.7 out of 9.

William D.
- Bachelor's and Master's degrees in Mathematics from the University of Pennsylvania, in addition to several IT certifications.
- Over 20 years of experience in the IT industry; background spans engineering, administration and escalation support in networks.

Bio:

William is a highly skilled IT professional with Bachelor's and Master's degrees in Mathematics from the University of Pennsylvania. He has been working in the IT industry for over 20 years, with experience in engineering, administration and escalation support in networks ranging from small to large-scale, complex enterprise environments.

As a Cisco and CompTIA Subject Matter Expert, he holds several certifications, including Cisco CCNA, CCNP, and CCIE. William is one of NetCom's top trainers, consistently scoring high marks in student evaluations.

Recent Client Testimonials & Reviews

Keep the training content the same way.

- Mandeep S.
Course(s) Taken

» Interconnecting Cisco Networking Devices, Part 1 v 3.0 - ICND1 (Entry)

Great caring professor and he offered to stay late always, truly cares for students.

- Jose T.
Course(s) Taken

» Interconnecting Cisco Networking Devices, Part 1 v 3.0 - ICND1 (Entry)
