Course Duration

5 Days

Prerequisites

It is recommended, but not required, that students have the following knowledge and skills before attending this course:
• CCNA Basic Cisco IOS Software switch and router configuration skills
• CCNA Routing and Switching Certification
• CCNA Security Certification

Course Content

This lab-intensive training course prepares you to hit the ground running as an entry-level security analyst team member. The course combines lecture materials and hands-on labs throughout so that you understand cyber security concepts and can recognize specific threats and attacks on your network. It teaches you how a network security operations center (SOC) works and how to begin to monitor, analyze, and respond to security threats within the network. The job role of a security analyst varies from industry to industry and differs between the private sector and the public sector. Upon completing this course, students will have the following knowledge and skills:
• Describe the tools, techniques, and thought processes of an attacker
• Describe the features, functions, and benefits of an SOC
• Identify the common sources used to detect an incident, as well as the actions that should be considered in response
• Perform basic packet capture and packet analysis
• Enable syslog on Cisco devices and perform basic network log analysis
• Discuss the relevance of baselining and some of the most useful steps to be used when deploying a system
• Discuss the policies and roles in the typical SOC, as well as some of the common tools used by SOC members
• Discuss techniques used to identify anomalies and correlate log entries
• Understand techniques used to scope, document, and analyze investigations
• Discuss the methodology behind mitigations
• Discuss documentation and communication during an incident
• Discuss post-incident considerations

Course Outline

• Module 1: Attacker Methodology
• Module 2: Defender Methodology
• Module 3: Defender Tools
• Module 4: Packet Analysis
• Module 5: Network Log Analysis
• Module 6: Baseline Network Operations
• Module 7: Incident Response Preparation
• Module 8: Security Incident Detection
• Module 9: Investigations
• Module 10: Mitigations and Best Practices
• Module 11: Communication
• Module 12: Post-Event Activity

Who Should Attend

This course is designed for technical professionals who need to know how to monitor, analyze, and respond to network security threats and attacks.