Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Coursera

Security Operations Center (SOC)

Cisco via Coursera

Overview

If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you acquire the fundamental skills required in a security operations center. You will learn the primary functions of a security operations center (SOC) and the critical role it plays in protecting organizational assets from cyber-attacks. By the end of the course, you will be able to: • Gain an understanding of SOC team member’s daily activities and responsibilities. • Identify who these bad actors are, their motives, why they attack, and what they attack. • Review the goals of implementing a SOC and covers the business benefits that an organization achieves by employing a SOC. • Introduce technical and procedural challenges in a SOC. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.

Syllabus

  • Introduction to Security Operations Center
    • If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you acquire the fundamental skills required in a security operations center. You will learn the primary functions of a security operations center (SOC) and the critical role it plays in protecting organizational assets from cyber-attacks. By the end of the course, you will be able to: • Gain an understanding of SOC team member’s daily activities and responsibilities. • Identify who these bad actors are, their motives, why they attack, and what they attack. • Review the goals of implementing a SOC and covers the business benefits that an organization achieves by employing a SOC. • Introduce technical and procedural challenges in a SOC. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.
  • Security Operations Center Processes and Services
    • If you are an associate-level cybersecurity analyst who is working in security operation centers, this lesson evaluates SOC processes and services. By the end of the course, you will be able to: • Understand primary responsibilities of a SOC and its interactions with other departments within the organization.• Understand various services that a SOC provides throughout the incident response phases. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.
  • SOC Deployment Models and Types
    • If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you understand SOC types, staffing considerations, and deployment models and their consumers. By the end of the course, you will be able to: • Describe various SOC types and staffing considerations. • Describe SOC deployment models and their corresponding consumer profiles. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.
  • Staffing an Effective SOC Team
    • If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you to understand about staff that work in SOC and their personnel roles and titles. Describe the necessary skills to work in a SOC. By the end of the course, you will be able to: • Describe the role of each SOC member in general and in the context of incidence response. Describe the skill set of each SOC member and their toolkit components. • Describe the interactions of SOC members with each other and external entities in the context of incidence response. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.
  • Security Events Data and SOC Analyst Tools
    • If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you understand the data collection and data analytics activities performed in a SOC. Identify tools for performing data collection and analysis activities and how they complement each other. By the end of the course, you will be able to: • Describe SOC relevant data and security event data. • Describe SOC tools and their features. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.
  • Developing Key Relationships with Internal and External Stakeholders
    • If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you understand the importance of using effective tools and developing a good relationship with external organizations. Describe the most important tools and software the SOC team uses to achieve this goal. By the end of the course, you will be able to: • Describe intelligence resources, regulatory agencies, and government industry organizations with which the SOC communicates. • Describe the policies, procedures, and governance rules to integrate with SOC procedures that define how it engages with users, HR, and legal in response to detected violations of procedures. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.
  • Understanding SOC Metrics
    • If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you explain the use of SOC metrics to measure the effectiveness of the SOC. By the end of the course, you will be able to: • Explain security data aggregation. • Explain Time to Detection (TTD) in context to network security. • Describe security controls detection effectiveness. • Describe SOC metrics. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.
  • Understanding SOC Workflow and Automation
    • If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you understand the use of a workflow management system and automation to improve the effectiveness of the SOC. By the end of the course, you will be able to: • Describe SOC WMS concepts. • Describe how a typical workflow management system is integrated within a SOC.• Describe SOC WMS integration. • Provide an example of SOC workflow automation. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.

Taught by

Cisco Learning & Certifications

Reviews

4.8 rating at Coursera based on 192 ratings

Start your review of Security Operations Center (SOC)

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.