What is included

• 5 Days Instructor-led Training
• Free Retake - Up to 2 Years
• Attend Online or Onsite
• Full Access to Study Kits
• Email Support from Instructor

Course Fee - $3,995*

Course Outline

• Defining the Security Operations Center
• Understanding Network Infrastructure and Network Security Monitoring Tools
• Exploring Data Type Categories
• Understanding Basic Cryptography Concepts
• Understanding Common TCP/IP Attacks
• Understanding Endpoint Security Technologies
• Understanding Incident Analysis in a Threat-Centric SOC
• Identifying Resources for Hunting Cyber Threats
• Understanding Event Correlation and Normalization
• Identifying Common Attack Vectors
• Identifying Malicious Activity
• Identifying Patterns of Suspicious Behavior
• Conducting Security Incident Investigations
• Using a Playbook Model to Organize Security Monitoring
• Understanding SOC Metrics
• Understanding SOC Workflow and Automation
• Describing Incident Response
• Understanding the Use of VERIS
• Understanding Windows Operating System Basics
• Understanding Linux Operating System Basics

Lab Outline

• Configure the Initial Collaboration Lab Environment
• Use NSM Tools to Analyze Data Categories
• Explore Cryptographic Technologies
• Explore TCP/IP Attacks
• Explore Endpoint Security
• Investigate Hacker Methodology
• Hunt Malicious Traffic
• Correlate Event Logs, PCAPs, and Alerts of an Attack
• Investigate Browser-Based Attacks
• Analyze Suspicious DNS Activity
• Explore Security Data for Analysis
• Investigate Suspicious Activity Using Security Onion
• Investigate Advanced Persistent Threats
• Explore SOC Playbooks
• Explore the Windows Operating System
• Explore the Linux Operating System