Implementing Cisco Cybersecurity Operations

This is the second course in Cisco's CCNA Cyber Ops Curriculum and is designed to provide students with an understanding of how a Security Operations Center (SOC) functions and the knowledge required in this environment. This course focuses on the introductory-level skills needed for a SOC Analyst at the associate level. Specifically, it covers basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response.


Individuals interested in a career in cybersecurity, looking to understand more about cybersecurity operations, or working towards their CCNA Cyber Ops certification.


Attendees should meet the following pre-requisites:

  • Basic Windows navigation and keyboard literacy skills
  • Basic Internet usage skills
  • Basic IP addressing knowledge

To always maintain a high level of quality in our technical courses, we use both English- and Swedish-speaking experts as course instructors.


After completing this course you should be able to:

  • Define a SOC and the various job roles in a SOC
  • Understand SOC infrastructure tools and systems
  • Learn basic incident analysis for a threat-centric SOC
  • Explore resources available to assist with an investigation
  • Explain basic event correlation and normalization
  • Describe common attack vectors
  • Learn how to identify malicious activity
  • Understand the concept of a playbook
  • Describe and explain an incident response handbook
  • Define types of SOC Metrics
  • Understand SOC Workflow Management system and automation


SOC Overview

  • Defining the Security Operations Center
  • Understanding NSM Tools and Data
  • Understanding Incident Analysis in a Threat-Centric SOC
  • Identifying Resources for Hunting Cyber Threats

Security Incident Investigations

  • Understanding Event Correlation and Normalization
  • Identifying Common Attack Vectors
  • Identifying Malicious Activity
  • Identifying Patterns of Suspicious Behavior
  • Conducting Security Incident Investigations

SOC Operations

  • Describing the SOC Playbook
  • Understanding the SOC Metrics
  • Understanding the SOC WMS and Automation
  • Describing the Incident Response Plan
  • Appendix A - Describing the Computer Security Incident Response Team
  • Appendix B - Understanding the use of VERIS


  • Guided Lab 1: Explore Network Security Monitoring Tools
  • Discovery 1: Investigate Hacker Methodology
  • Discovery 2: Hunt Malicious Traffic
  • Discovery 3: Correlate Event Logs, PCAPs, and Alerts of an Attack
  • Discovery 4: Investigate Browser-Based Attacks
  • Discovery 5: Analyze Suspicious DNS Activity
  • Discovery 6: Investigate Suspicious Activity Using Security Onion
  • Discovery 7: Investigate Advanced Persistent Threats
  • Discovery 8: Explore SOC Playbooks

About the course

Price: 32 450,00

excluding VAT

Length 5
Course code SECOPS

The course is held on request

Contact us for more information.

Phone: 08-562 557 50