SKU: NCX-CC-A-SO

Implementing Cisco Cybersecurity Operations (SECOPS)

CCNA Cyber Ops

Cybersecurity in Information Technology is critical. According to Kaspersky Labs, in 2017 the average cost of a single enterprise data breach was $1.3 million. Hiscox Insurance estimated that cybercrime cost the global economy $450 billion in 2016 alone.

Cisco’s CCNA Cyber Ops certification training prepares students to recognize potential threats and to understand the defensive techniques and countermeasures that can mitigate or prevent attacks.

This is the second of two 5-day courses that prepare students for the Cisco Certified Network Associate (CCNA) – Cyber Ops certification.



SECOPS Training for CCNA Cyber Ops Certification

Course Objectives

  • Define a SOC and the various job roles in a SOC
  • Understand SOC infrastructure tools and systems
  • Learn basic incident analysis for a threat-centric SOC
  • Explore resources available to assist with an investigation
  • Explain basic event correlation and normalization
  • Describe common attack vectors
  • Learn how to identify malicious activity
  • Understand the concept of a playbook
  • Describe and explain an incident response handbook
  • Define types of SOC metrics
  • Understand the SOC Workflow Management System and automation

Pre-Requisites (recommended)

  • Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1)
  • Working knowledge of the Windows operating system
  • Working knowledge of Cisco IOS networking and concepts

Exam Required for CCNA Certification

Cisco 210-255 SECOPS
Proctored exam: 90 minutes (60-70 questions)
Exam proctor: PearsonVUE

SECOPS Course Outline

Module 1: SOC Overview
  • Lesson 1: Defining the Security Operations Center
  • Lesson 2: Understanding NSM Tools and Data
  • Lesson 3: Understanding Incident Analysis in a Threat-Centric SOC
  • Lesson 4: Identifying Resources for Hunting Cyber Threats
Module 2: Security Incident Investigations
  • Lesson 1: Understanding Event Correlation and Normalization
  • Lesson 2: Identifying Common Attack Vectors
  • Lesson 3: Identifying Malicious Activity
  • Lesson 4: Identifying Patterns of Suspicious Behavior
  • Lesson 5: Conducting Security Incident Investigations
Module 3: SOC Operations
  • Lesson 1: Describing the SOC Playbook
  • Lesson 2: Understanding the SOC Metrics
  • Lesson 3: Understanding the SOC WMS and Automation
  • Lesson 4: Describing the Incident Response Plan
  • Lesson 5: Appendix A—Describing the Computer Security Incident Response Team
  • Lesson 6: Appendix B—Understanding the use of VERIS