OUTLINE
Module 1: Defining the Security Operations Center
Module 2: Understanding SOC Metrics
Module 3: SOC Workflow and Automation
Module 4: Windows Operating System Basics
Module 5: Understanding Linux Operating System Basics
Module 6: Understanding Endpoint Security Technologies
Module 7: Understanding Network Infrastructure and Network Security Monitoring Tools
Module 8: Understanding Common TCP/IP Attacks
Module 9: Exploring Data Type Categories
Module 10: Understanding Basic Cryptography Concepts
Module 11: Cloud Security Fundamentals
Module 12: Securing Cloud Deployments
Module 13: Understanding Incident Analysis in a Threat-Centric SOC
Module 14: Identifying Resources for Hunting Cyber Threats
Module 15: Understanding Event Correlation and Normalization
Module 16: Identifying Common Attack Vectors
Module 17: Identifying Malicious Activity
Module 18: Identifying Patterns of Suspicious Behavior
Module 19: Identifying Resources for Hunting Cyber Threats
Module 20: Understanding Event Correlation and Normalization
Module 21: Conducting Security Incident Investigations
Module 22: Using a Playbook Model to Organize Security Monitoring
Module 23: Describing Incident Response
LAB OUTLINE
- Explore the Windows Operating System
- Explore the Linux Operating System
- Explore Endpoint Security
- Explore TCP/IP Attacks
- Use NSM Tools to Analyze Data Categories
- Explore Cryptographic Technologies
- Investigate Hacker Methodology
- Investigate Browser-Based Attacks
- Analyze Suspicious DNS Activity
- Explore Security Data for Analysis
- Investigate Suspicious Activity Using Security Onion
- Hunt Malicious Traffic
- Cisco XDR to Splunk Enterprise Integration Simulation
- Correlate Event Logs, PCAPs, and Alerts of an Attack
- Investigate Advanced Persistent Threats
- Explore SOC Playbooks