CBRCOR-Performing CyberOps Using Cisco Security Technologies

SS Course: GK821350

Course Overview

The exam will test for knowledge in the following areas:

  • Monitoring for cyberattacks
  • Analyzing high volumes of data using automation tools and platforms, both open source and commercial
  • Accurately identifying the nature of an attack and formulating a mitigation plan
  • Scenario-based questions; for example, using a screenshot of output from a tool, you may be asked to interpret portions of output and establish conclusions

This course is eligible for 40 Continuing Education Credits (ILT & ELT Modality).

Outline

After taking this course, you should be able to:

  • Describe the types of service coverage within a SOC and operational responsibilities associated with each.
  • Compare security operations considerations of cloud platforms.
  • Describe the general methodologies of SOC platform development, management, and automation.
  • Explain asset segmentation, segregation, network segmentation, micro-segmentation, and approaches to each, as part of asset controls and protections.
  • Describe Zero Trust and associated approaches, as part of asset controls and protections.
  • Perform incident investigations using Security Information and Event Management (SIEM) and/or security orchestration and automation (SOAR) in the SOC.
  • Use different types of core security technology platforms for security monitoring, investigation, and response.
  • Describe the DevOps and SecDevOps processes.
  • Explain the common data formats, for example, JavaScript Object Notation (JSON), HTML, XML, Comma-Separated Values (CSV).
  • Describe API authentication mechanisms.
  • Analyze the approach and strategies of threat detection, during monitoring, investigation, and response.
  • Determine known Indicators of Compromise (IOCs) and Indicators of Attack (IOAs).
  • Interpret the sequence of events during an attack based on analysis of traffic patterns.
  • Describe the different security tools and their limitations for network analysis (for example, packet capture tools, traffic analysis tools, network log analysis tools).
  • Analyze anomalous user and entity behavior (UEBA).
  • Perform proactive threat hunting following best practices.

Prerequisites

Although there are no mandatory prerequisites, to fully benefit from this course, you should have the following knowledge:

  • Familiarity with UNIX/Linux shells (bash, csh) and shell commands.
  • Familiarity with the Splunk search and navigation functions.
  • Basic understanding of scripting using one or more of Python, JavaScript, PHP or similar.

Who Should Attend

  • Cybersecurity engineer
  • Cybersecurity investigator
  • Incident manager
  • Incident responder
  • Network engineer
  • SOC analysts currently functioning at entry level with a minimum of 1 year of experience