Understanding Risk Management and SOC Operations
Understanding Analytical Processes and Playbooks
Investigating Packet Captures, Logs, and Traffic Analysis
Investigating Endpoint and Appliance Logs
Understanding Cloud Service Model Security Responsibilities
Understanding Enterprise Environment Assets
Implementing Threat Tuning
Threat Research and Threat Intelligence Practices
Understanding APIs
Understanding SOC Development and Deployment Models
Performing Security Analytics and Reports in a SOC
Malware Forensics Basics
Threat Hunting Basics
Performing Incident Investigation and Response
Labs
- Explore Cisco SecureX Orchestration
- Explore Splunk Phantom Playbooks
- Examine Cisco Firepower Packet Captures and PCAP Analysis
- Validate an Attack and Determine the Incident Response
- Submit a Malicious File to Cisco Threat Grid for Analysis
- Endpoint-Based Attack Scenario Referencing MITRE ATTACK
- Evaluate Assets in a Typical Enterprise Environment
- Explore Cisco Firepower NGFW Access Control Policy and Snort Rules
- Investigate IOCs from Cisco Talos Blog Using Cisco SecureX
- Explore the ThreatConnect Threat Intelligence Platform
- Track the TTPs of a Successful Attack Using a TIP
- Query Cisco Umbrella Using Postman API Client
- Fix a Python API Script
- Create Bash Basic Scripts
- Reverse Engineer Malware
- Perform Threat Hunting
- Conduct an Incident Response