This is an Associate-level self-study technical course in the curriculum for the CCNA Cyber Ops certification. It allows learners to understand how a Security Operations Center (SOC) functions and the introductory-level skills and knowledge needed in this environment. The course focuses on the introductory-level skills needed for a SOC Analyst at the associate level: specifically, understanding basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response.
What you will learn
Upon completion you will be able to:
- Define a SOC and the various job roles in a SOC
- Understand SOC infrastructure tools and systems
- Learn basic incident analysis for a threat-centric SOC
- Explore resources available to assist with an investigation
- Explain basic event correlation and normalization
- Describe common attack vectors
- Learn how to identify malicious activity
- Understand the concept of a playbook
- Describe and explain an incident response handbook
- Define types of SOC Metrics
- Understand the SOC Workflow Management system and automation
The course content is presented in easily consumable segments via both Instructor Video and text. Interactivity is enabled through Discovery Labs, content review questions, and graded Challenge Labs and Tests. This makes the learning experience hands-on, increases course effectiveness, and gives students direct feedback on how well they have mastered the material. Gamification features are built in, including earning badges, achievements, and a leaderboard, to encourage better performance.