CBRCORCICiscoCI-CBRCOR1.1<ul> <li>Describe the types of service coverage within a SOC and operational responsibilities associated with each</li><li>Compare security operations considerations of cloud platforms</li><li>Describe the general methodologies of SOC platforms development, management, and automation</li><li>Describe asset segmentation, segregation, network segmentation, microsegmentation, and approaches to each, as part of asset controls and protections</li><li>Describe Zero Trust and associated approaches, as part of asset controls and protections</li><li>Perform incident investigations using Security Information and Event Management (SIEM) and/or security orchestration and automation (SOAR) in the SOC</li><li>Use different types of core security technology platforms for security monitoring, investigation, and response</li><li>Describe the DevOps and SecDevOps processes</li><li>Describe the common data formats (e.g., JavaScript Object Notation (JSON), HTML, XML, and Comma-Separated Values (CSV))</li><li>Describe API authentication mechanisms</li><li>Analyze the approach and strategies of threat detection, during monitoring, investigation, and response</li><li>Determine known Indicators of Compromise (IOCs) and Indicators of Attack (IOAs)</li><li>Interpret the sequence of events during an attack based on analysis of traffic patterns</li><li>Describe the different security tools and their limitations for network analysis (e.g., packet capture tools, traffic analysis tools, and network log analysis tools)</li><li>Analyze anomalous user and entity behavior (UEBA)</li><li>Perform proactive threat hunting following best practices</li></ul><p>Although there are no mandatory prerequisites, to fully benefit from this course, you should have the following knowledge: </p> <ul> <li>Familiarity with UNIX/Linux shells (bash, csh) and shell commands</li><li>Familiarity with the Splunk search and navigation functions</li><li>Basic understanding of scripting using one or more of Python, JavaScript, PHP or similar.</li></ul><p>Recommended Cisco offering that may help you prepare for this course:</p> <ul> <li><span class="cms-link-marked"><a class="fl-href-prod" href="/swisscom/en/course/cisco-ccna"><svg role="img" aria-hidden="true" focusable="false" data-nosnippet class="cms-linkmark"><use xlink:href="/css/img/icnset-linkmarks.svg#linkmark"></use></svg>Implementing and Administering Cisco Solutions <span class="fl-prod-pcode">(CCNA)</span></a></span></li><li><span class="cms-link-marked"><a class="fl-href-prod" href="/swisscom/en/course/cisco-cbrops"><svg role="img" aria-hidden="true" focusable="false" data-nosnippet class="cms-linkmark"><use xlink:href="/css/img/icnset-linkmarks.svg#linkmark"></use></svg>Understanding Cisco Cybersecurity Operations Fundamentals <span class="fl-prod-pcode">(CBROPS)</span></a></span></li></ul><p>Although there are no mandatory prerequisites, the course is particularly suited for the following audiences: </p> <ul> <li>Cybersecurity engineer</li><li>Cybersecurity investigator</li><li>Incident manager</li><li>Incident responder</li><li>Network engineer</li><li>SOC analysts currently functioning at entry level with a minimum of 1 year of experience</li></ul><ul> <li>Understanding Risk Management and SOC Operations</li><li>Understanding Analytical Processes and Playbooks</li><li>Understanding Cloud Service Model Security Responsibilities</li><li>Understanding Enterprise Environment Assets</li><li>Understanding APIs</li><li>Understanding SOC Development and Deployment Models</li><li>Investigating Packet Captures, Logs, and Traffic Analysis</li><li>Investigating Endpoint and Appliance Logs</li><li>Implementing Threat Tuning</li><li>Threat Research and Threat Intelligence Practices</li><li>Performing Security Analytics and Reports in a SOC</li><li>Malware Forensics Basics</li><li>Threat Hunting Basics</li><li>Performing Incident Investigation and Response</li></ul>- Describe the types of service coverage within a SOC and operational responsibilities associated with each - Compare security operations considerations of cloud platforms - Describe the general methodologies of SOC platforms development, management, and automation - Describe asset segmentation, segregation, network segmentation, microsegmentation, and approaches to each, as part of asset controls and protections - Describe Zero Trust and associated approaches, as part of asset controls and protections - Perform incident investigations using Security Information and Event Management (SIEM) and/or security orchestration and automation (SOAR) in the SOC - Use different types of core security technology platforms for security monitoring, investigation, and response - Describe the DevOps and SecDevOps processes - Describe the common data formats (e.g., JavaScript Object Notation (JSON), HTML, XML, and Comma-Separated Values (CSV)) - Describe API authentication mechanisms - Analyze the approach and strategies of threat detection, during monitoring, investigation, and response - Determine known Indicators of Compromise (IOCs) and Indicators of Attack (IOAs) - Interpret the sequence of events during an attack based on analysis of traffic patterns - Describe the different security tools and their limitations for network analysis (e.g., packet capture tools, traffic analysis tools, and network log analysis tools) - Analyze anomalous user and entity behavior (UEBA) - Perform proactive threat hunting following best practicesAlthough there are no mandatory prerequisites, to fully benefit from this course, you should have the following knowledge: - Familiarity with UNIX/Linux shells (bash, csh) and shell commands - Familiarity with the Splunk search and navigation functions - Basic understanding of scripting using one or more of Python, JavaScript, PHP or similar. Recommended Cisco offering that may help you prepare for this course: - Implementing and Administering Cisco Solutions (CCNA) - Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)Although there are no mandatory prerequisites, the course is particularly suited for the following audiences: - Cybersecurity engineer - Cybersecurity investigator - Incident manager - Incident responder - Network engineer - SOC analysts currently functioning at entry level with a minimum of 1 year of experience- Understanding Risk Management and SOC Operations - Understanding Analytical Processes and Playbooks - Understanding Cloud Service Model Security Responsibilities - Understanding Enterprise Environment Assets - Understanding APIs - Understanding SOC Development and Deployment Models - Investigating Packet Captures, Logs, and Traffic Analysis - Investigating Endpoint and Appliance Logs - Implementing Threat Tuning - Threat Research and Threat Intelligence Practices - Performing Security Analytics and Reports in a SOC - Malware Forensics Basics - Threat Hunting Basics - Performing Incident Investigation and Response5 days2625.003290.003305.004000.0011760.003495.003495.002625.002625.002625.004300.003440.002580.002990.003950.003950.004200.004160.003995.005515.003950.0040.0040.0040.0040.0040.0040.0040.0040.0040.0040.0040.0040.0040.0040.0040.0040.0040.0040.0040.0040.0040.0040.0040.0040.0040.0040.00