This course allows learners to understand how a Security Operations Center (SOC) functions and the introductory-level skills and knowledge needed in this environment. It focuses on the introductory-level skills needed for a SOC Analyst at the associate level. Specifically, understanding basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response.

 Course Objectives

Upon completion of this course, you will be able to:

• Define a SOC and the various job roles in a SOC
• Understand SOC infrastructure tools and systems
• Learn basic incident analysis for a threat centric SOC
• Explore resources available to assist with an investigation
• Explain basic event correlation and normalization
• Describe common attack vectors
• Learn how to identifying malicious activity
• Understand the concept of a playbook
• Describe and explain an incident respond handbook
• Define types of SOC Metrics
• Understand SOC Workflow Management system and automation

 Who Should Attend

• Security Operations Center – Security Analyst
• Computer/Network Defense Analysts
• Computer Network Defense Infrastructure Support Personnel
• Future Incident Responders and Security Operations Center (SOC) personnel
• Students beginning a career, entering the cybersecurity field
• Cisco Channel Partners

 Prerequisites

It is recommended, but not required, that students have the following knowledge and skills:

• Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1)
• Working knowledge of the Windows operating system
• Working knowledge of Cisco IOS networking and concepts