This course will help you:

• Gain an advanced understanding of the tasks involved for senior-level roles in a security operations center
• Configure common tools and platforms used by security operation teams via practical application
• Prepare you to respond like a hacker in real-life attack scenarios and submit recommendations to senior management
• Prepare for the 350-201 CBRCOR core exam
• Earn 30 CE credits toward recertification

• Cybersecurity engineer
• Cybersecurity investigator
• Incident manager
• Incident responder
• Network engineer
• SOC analysts currently functioning at entry level with a minimum of 1 year of experience

After taking this course, you should be able to:

• Describe the types of service coverage within a SOC and operational responsibilities associated with each.
• Compare security operations considerations of cloud platforms.
• Describe the general methodologies of SOC platforms development, management, and automation.
• Explain asset segmentation, segregation, network segmentation, micro-segmentation, and approaches to each, as part of asset controls and protections.
• Describe Zero Trust and associated approaches, as part of asset controls and protections.
• Perform incident investigations using Security Information and Event Management (SIEM) and/or security orchestration and automation (SOAR) in the SOC.
• Use different types of core security technology platforms for security monitoring, investigation, and response.
• Describe the DevOps and SecDevOps processes.
• Explain the common data formats, for example, JavaScript Object Notation (JSON), HTML, XML, Comma-Separated Values (CSV).
• Describe API authentication mechanisms.
• Analyze the approach and strategies of threat detection, during monitoring, investigation, and response.
• Determine known Indicators of Compromise (IOCs) and Indicators of Attack (IOAs).
• Interpret the sequence of events during an attack based on analysis of traffic patterns.
• Describe the different security tools and their limitations for network analysis (for example, packet capture tools, traffic analysis tools, network log analysis tools).
• Analyze anomalous user and entity behavior (UEBA).
• Perform proactive threat hunting following best practices.