Understanding Cisco Cybersecurity Fundamentals (SECFND) ۱.۰

Prerequisites

It is recommended, but not required, that students have the following knowledge and skills:

Working knowledge of the Windows operating system

Working knowledge of the Linux operating system

Basic IPv4 and IPv6 addressing knowledge

Course Content

The course helps to prepare students for beginning and associate level roles in cybersecurity operations. The course focuses on security principles and technologies, using Cisco security products to provide hands-on examples. Using instructor-led discussions, extensive hands-on lab exercises, and supplemental materials, this course allows learners to understand common security concepts, and start to learn the basic security techniques used in a Security Operations Center (SOC) to find threats on a network using a variety of popular security tools within a real-life network infrastructure.

• Course Objectives

Upon completion of this course, you will be able to:

Describe, compare and identify various network concepts

Fundamentals of TCP/IP

Describe and compare fundamental security concepts

Describe network applications and the security challenges

Understand basic cryptography principles

Understand endpoint attacks, including interpreting log data to identify events in Windows and Linux

Develop knowledge in security monitoring, including identifying sources and types of data and events

Course Outline

Module 1: Network Concepts

Module 2: Security Concepts

Module 3: Cryptography /IP

Module 4: Host-Based Analysis

Module 5: Security Monitoring

Module 6: Attack Methods

Implementing Cisco Cybersecurity Operations (SECOPS) ۱.۰

Prerequisites

It is recommended, but not required, that students have the following knowledge and skills:

Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1)

Working knowledge of the Windows operating system

Working knowledge of Cisco IOS networking and concepts

Course Content

This course allows learners to understand how a Security Operations Center (SOC) functions and the introductory-level skills and knowledge needed in this environment. It focuses on the introductory-level skills needed for a SOC Analyst at the associate level. Specifically, understanding basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response.

Course Objectives Upon completion of this course, you will be able to:

Define a SOC and the various job roles in a SOC

Understand SOC infrastructure tools and systems

Learn basic incident analysis for a threat centric SOC

Explore resources available to assist with an investigation

Explain basic event correlation and normalization

Describe common attack vectors

Learn how to identifying malicious activity

Understand the concept of a playbook

Describe and explain an incident respond handbook

Define types of SOC Metrics

Understand SOC Workflow Management system and automation

Course Outline

Module 1: SOC Overview

Lesson 1: Defining the Security Operations Center

Lesson 2: Understanding NSM Tools and Data

Lesson 3: Understanding Incident Analysis in a Threat-Centric SOC

Lesson 4: Identifying Resources for Hunting Cyber Threats

Module 2: Security Incident Investigations

Lesson 1: Understanding Event Correlation and Normalization

Lesson 2: Identifying Common Attack Vectors

Lesson 3: Identifying Malicious Activity

Lesson 4: Identifying Patterns of Suspicious Behavior

Lesson 5: Conducting Security Incident Investigations

Module 3: SOC Operations

Lesson 1: Describing the SOC Playbook

Lesson 2: Understanding the SOC Metrics

Lesson 3: Understanding the SOC WMS and Automation

Lesson 4: Describing the Incident Response Plan

Lesson 5: Appendix A—Describing the Computer Security Incident Response Team

Lesson 6: Appendix B—Understanding the use of VERIS

Who Should Attend

Security Operations Center – Security Analyst

Computer/Network Defense Analysts

Computer Network Defense Infrastructure Support Personnel

Future Incident Responders and Security Operations Center (SOC) personnel

Students beginning a career, entering the cybersecurity field

Cisco Channel Partners