Modern Security Operations Center

(SEC-OPS.AP1) / ISBN : 978-1-64459-544-2
This course includes
Interactive Lessons
Gamified TestPrep
Hands-On Labs
AI Tutor (Add-on)

1. Preface

  • Vision
  • Who Should Read This Course?
  • How This Course Is Organized
  • Course Structure

2. Introducing Security Operations and the SOC

  • Introducing the SOC
  • Factors Leading to a Dysfunctional SOC
  • Cyberthreats
  • Investing in Security
  • The Impact of a Breach
  • Establishing a Baseline
  • Fundamental Security Capabilities
  • Standards, Guidelines, and Frameworks
  • Industry Threat Models
  • Vulnerabilities and Risk
  • Business Challenges
  • In-House vs. Outsourcing
  • SOC Services
  • SOC Maturity Models
  • SOC Goals Assessment
  • SOC Capabilities Assessment
  • SOC Development Milestones
  • Summary
  • References

3. Developing a Security Operations Center

  • Mission Statement and Scope Statement
  • Developing a SOC
  • SOC Procedures
  • Security Tools
  • Planning a SOC
  • Designing a SOC Facility
  • Network Considerations
  • Disaster Recovery
  • Security Considerations
  • Internal Security Tools
  • Guidelines and Recommendations for Securing Your SOC Network
  • SOC Tools
  • Summary
  • References

4. SOC Services

  • Fundamental SOC Services
  • The Three Pillars of Foundational SOC Support Services
  • SOC Service Areas
  • SOC Service Job Goals
  • Service Maturity: If You Build It, They Will Come
  • SOC Service 1: Risk Management
  • SOC Service 2: Vulnerability Management
  • SOC Service 3: Compliance
  • SOC Service 4: Incident Management
  • SOC Service 5: Analysis
  • SOC Service 6: Digital Forensics
  • SOC Service 7: Situational and Security Awareness
  • SOC Service 8: Research and Development
  • Summary
  • References

5. People and Process

  • Career vs. Job
  • Developing Job Roles
  • SOC Job Roles
  • NICE Cybersecurity Workforce Framework
  • Role Tiers
  • SOC Services and Associated Job Roles
  • Soft Skills
  • Security Clearance Requirements
  • Pre-Interviewing
  • Interviewing
  • Onboarding Employees
  • Managing People
  • Job Retention
  • Training
  • Certifications
  • Evaluating Training Providers
  • Company Culture
  • Summary
  • References

6. Centralizing Data

  • Data in the SOC
  • Data-Focused Assessment
  • Logs
  • Security Information and Event Management
  • Troubleshooting SIEM Logging
  • APIs
  • Big Data
  • Machine Learning
  • Summary
  • References

7. Reducing Risk and Exceeding Compliance

  • Why Exceeding Compliance
  • Policies
  • Launching a New Policy
  • Policy Enforcement
  • Procedures
  • Tabletop Exercise
  • Standards, Guidelines, and Frameworks
  • Audits
  • Assessments
  • Penetration Test
  • Industry Compliance
  • Summary
  • References

8. Threat Intelligence

  • Threat Intelligence Overview
  • Threat Intelligence Categories
  • Threat Intelligence Context
  • Evaluating Threat Intelligence
  • Planning a Threat Intelligence Project
  • Collecting and Processing Intelligence
  • Actionable Intelligence
  • Feedback
  • Summary
  • References

9. Threat Hunting and Incident Response

  • Security Incidents
  • Incident Response Lifecycle
  • Phase 1: Preparation
  • Phase 2: Detection and Analysis
  • Phase 3: Containment, Eradication, and Recovery
  • Digital Forensics
  • Phase 4: Post-Incident Activity
  • Incident Response Guidelines
  • Summary
  • References

10. Vulnerability Management

  • Vulnerability Management
  • Measuring Vulnerabilities
  • Vulnerability Technology
  • Vulnerability Management Service
  • Vulnerability Response
  • Vulnerability Management Process Summarized
  • Summary
  • References

11. Data Orchestration

  • Introduction to Data Orchestration
  • Security Orchestration, Automation, and Response
  • Endpoint Detection and Response
  • Playbooks
  • Automation
  • DevOps Programming
  • DevOps Tools
  • Blueprinting with Osquery
  • Network Programmability
  • Cloud Programmability
  • Summary
  • References

12. Future of the SOC

  • All Eyes on SD-WAN and SASE
  • MPLS Failure!
  • IT Services Provided by the SOC
  • Future of Training
  • Full Automation with Machine Learning
  • Future of Your SOC: Bringing It All Together
  • Summary
  • References

1. Developing a Security Operations Center

  • Using Windows Firewall
  • Configuring a VPN
  • Setting Up a Honeypot
  • Capturing a Packet Using Wireshark
  • Configuring NetFlow
  • Implementing Intrusion Detection System

2. SOC Services

  • Identifying Search Options in Metasploit
  • Searching Exploits Using searchsploit
  • Conducting Vulnerability Scanning Using Nessus
  • Performing Vulnerability Scanning Using OpenVAS
  • Using the SET Tool

3. Centralizing Data

  • Viewing Windows Event Logs
  • Viewing the Syslogs

4. Reducing Risk and Exceeding Compliance

  • Using the Armitage Tool for Intrusion Detection

5. Threat Hunting and Incident Response

  • Observing an MD5-Generated Hash Value
  • Observing an SHA256-Generated Hash Value
  • Analyzing Malicious Activity in Memory Using Volatility
  • Analyzing Forensic Cases with Autopsy
  • Completing the Chain of Custody

6. Vulnerability Management

  • Using Nmap for Network Enumeration
  • Consulting a Vulnerability Database
  • Performing an Intense Scan in Zenmap

7. Data Orchestration

  • Creating an Ansible Configuration File
  • Creating Ansible Roles
  • Using the Ansible Tool
  • Using Osquery to Perform Enhanced Incident Response and Threat Hunting

$ 423.85
