The planned actions may be carried out in classroom or online format
Security Operations Fundamentals
This course provides the student with an understanding of Security Operations (SecOps) and the role it lays in protecting our digital way of life, for businesses and customers. Students will learn continuous improvement processes to collect high-fidelity intelligence, contextual data, and automated prevention playbook workflows that quickly identify and respond to fast-evolving threats. Students will also learn how to leverage artificial intelligence driven automation used to facilitate the Security Operation Center’s (SOC) mission to identify, investigate and mitigate threats.
NIST/NICE Alignment and Work Roles:
Cyberspace Intelligence – All Source Analysis (CI-WRL-001)
Protection and Defense – Vulnerability Analysis (PD-WRL-007)
Potential Job Roles:
- Cyber Threat Analyst;
- Vulnerability Analyst;
- Incident and Intrusion Analyst
Course Objectives:
- Identify the key Security Operations elements and processes.
- Discover the Pillars of Automation: People, Processes, and Technology.
- Configure and test log forwarding for traffic analysis investigation and response.
- Describe Security Information and Event Management (SIEM).
- Discover Security Operations Center engineering and analysis processes.
- Define security orchestration, automation, and response (SOAR) for SecOps.
- Configure the Next Generation Firewall to stop Reconnaissance Attacks.
- Recognize the major components of the Cortex XDR deployment architecture.
- Configure the Next Generation Firewall with endpoint Vulnerability Profiles.
- Identify how to streamline the aggregation and sharing of threat intelligence.
- Configure the Next Generation Firewall to use Dynamic Block Lists.
- Explain how AI/ML collects, integrates, and normalizes enterprise security data.
- Discover how AI facilitates the automation of cybersecurity defenses.
- Explore AI-driven Security Operations (SecOps) platform technologies.
