This course will give students a baseline knowledge of enterprise security operations. Content will explore models and architectures of Security Operations Centers (SOCs), including implementation of both preventative and detective technologies. Students will gain skills in vulnerability management by learning how to leverage kill chains, characterize threat actors, perform vulnerability scanning, and explore adversarial tactics, techniques, and procedures (TTPs). Students will gain an in-depth understanding of SOC operations by studying security operations roles along with the challenges of building, tuning, and maintaining SOCs. The course will promote best practices such as the use of threat intelligence sources, risk scoring, threat hunting, use cases, incident response plans, and effective communication skills.
- Understand components of security operations.
- Explore enterprise security operations architectures.
- Recognize and respond to cyber threats.
- Use best practices to improve security operations center (SOC) effectiveness.
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.