This is the second course in Cisco’s CCNA Cyber Ops Curriculum and is designed to provide students with an understanding of how a Security Operations Center (SOC) functions and the knowledge required in this environment.
This course focuses on the introductory-level skills needed for a SOC Analyst at the associate level: specifically, understanding basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response.
This course will help you:
- Learn the fundamental skills that a cybersecurity analyst in a security operations center uses, including threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response
- Prepare for the Cisco Certified CyberOps Associate certification with hands-on practice using real-life security analysis tools, such as those found in a Linux distribution
- Qualify for entry-level job roles in the high-demand area of cybersecurity
After taking this course, you should be able to:
- Describe the three common SOC types, tools used by SOC analysts, job roles within the SOC, and incident analysis within a threat-centric SOC
- Explain security incident investigations, including event correlation and normalization and common attack vectors, and be able to identify malicious and suspicious activities
- Explain the use of a SOC playbook to assist with investigations, the use of metrics to measure the effectiveness of the SOC, the use of a SOC workflow management system and automation to improve SOC efficiency, and the concepts of an incident response plan