Hands-On Cybersecurity Operations Fundamentals
Published by Pearson
Demystifying CyberOps
This course is a comprehensive two-day training for anyone interested in the field of Security Operations or CyberOps. It is meant to give you the core knowledge you need to further your career in security. Topics covered include security concepts, security monitoring, host-based analysis, network intrusion analysis, and security policies and procedures. This training is for security and network professionals who want to develop a security infrastructure, recognize threats and vulnerabilities to networks, and mitigate security threats. It also gives you a perspective on what you might expect working in a Cyber Operations role in a Security Operations Center.
This course includes deep dives into key topic areas as well as hands-on labs that students can utilize to test out some of the Cyber Operations techniques discussed in the course. This is an interactive course where we spend time whiteboarding and discussing the concepts covered in the schedule as well as demos of controls and tools used in the industry today.
What you’ll learn and how you can apply it
- Review fundamental security operations and vulnerability management concepts
- Walk through different attack methodologies and defense techniques
- Learn network visibility and monitoring techniques and see them in action in an SOC environment
- Apply best practices for security operations process implementation
- Learn Cyber Operations methodologies and metrics
- Find the blind spots with network intrusion analysis
- Protect the endpoint with endpoint security controls
- Learn through a final hands-on lab
This live event is for you because...
- You are just starting your cybersecurity career; this training will kickstart your learning, giving you a glimpse into the various areas of Cyber Security.
- You are already working as a security professional but need a refresher on some topics as well as an opportunity to dig into some of the latest concepts being discussed in the industry.
- You would benefit from a hands-on lab to test out some of the Cyber Operations techniques discussed in the course.
- You would like to study for Cyber Security related certification exams, including the Cisco Certified CyberOps Associate exam.
Prerequisites
To get the most out of this training course, students should have a base level of knowledge in information technology and networking concepts.
Recommended Follow-up
- (Video) Cisco CyberOps Associate CBROPS 200-201: https://learning.oreilly.com/videos/cisco-cyberops-associate/9780137333455/
- (Video) The Art of Hacking Video Collection: https://learning.oreilly.com/videos/the-art-of/9780135767849/
- (Live Online Training) The Modern Security Operation Center (SOC) by Joseph Muniz. Search O’Reilly for an upcoming date.
- Cloud-based Lab Environment: https://dcloud.cisco.com (Login provided during training)
Schedule
The time frames are only estimates and may vary according to how the class is progressing.
DAY 1
Fundamental Security Operations Concepts (1 hour)
- Common security and networking terms and topics
- Vulnerability management concepts
- Attack methodologies and defense techniques
Break (10 mins)
Visibility and Monitoring Fundamentals (50 mins)
- Network visibility
- Network monitoring
- Demo: Network visibility and monitoring tools in a SOC environment
Break (10 mins)
Secure your process (50 mins)
- Security operations process implementation
- Walkthrough: Process documentation resources
Cyber Operations methodologies (1 hour)
- Security Operations Center (SOC) methodologies and metrics
- Demo: Security Operations Center tools
DAY 2
Finding the blind spots (1.5 hours)
- Network intrusion analysis concepts
- Demo: Threat hunting tools
Protecting the endpoint (1.5 hours)
- Endpoint security controls
- Demo: Endpoint security tools
Break (10 mins)
Hands-on Lab intro (50 mins)
- Introduction to Cyber Defense lab
- Demo: Lab environment overview
Your Instructor
Ron Taylor
Ron Taylor has been in the Information Security field for almost 20 years. Ten of those years were spent in consulting. In 2008, he joined the Cisco Global Certification Team as an SME in Information Assurance. In 2012, he moved into a position with the Security Research & Operations group, where his focus was mostly on penetration testing of Cisco products and services. He was also involved in developing and presenting security training to internal development and test teams globally. Additionally, he provided consulting support to many product teams as an SME on product security testing. He then spent some time as an Incident Manager for the Cisco Product Security Incident Response Team (PSIRT). His current role is a Security Architect specializing in Cisco’s security product line. He has held a number of industry certifications including GPEN, GWEB, GCIA, GCIH, GWAPT, RHCE, CCSP, CCNA, CISSP, and MCSE. Ron has also authored books and video courses, is Cofounder and President of the Raleigh BSides Security Conference, and is a founding member of the Red Team Village at Defcon.