
Coursera

Into the Trenches: Security Operations Center

EC-Council via Coursera

Overview

The Into the Trenches: Security Operations Center course prepares learners for real-world security operations. Learners will understand enterprise security structure, recognize modern threats and attacker tactics, techniques, and procedures (TTPs), and gain a basic primer on Security Onion. The course covers the basics of incident response, including event monitoring, threat hunting, vulnerability management, and incident response strategies. By the end of this course, learners will be able to handle security incidents effectively and apply defensive tools for the modern enterprise.

Syllabus

  • Lab Setup
    • In this section, we will set up the tools needed to perform network monitoring, as well as targets to practice these techniques against.
  • Enterprise Security Operations
    • What exactly is a SOC, and why is it important? This section will cover the high-level concept of a Security Operations Center and Enterprise Operations.
  • Hacker Tactics, Techniques, and Procedures
    • To defend a network, we must first understand the types of threats we need to defend against. This section will cover the modern tactics, techniques, and procedures attackers use, from gaining initial access to a compromised network, to moving around inside the network, to eventually exfiltrating data or causing damage.
  • Defensive Tools for the Modern Enterprise
    • Monitoring massive networks composed of thousands of endpoints and hundreds of applications is a daunting task. To make the process more approachable, SOCs deploy various security tools to help monitor and identify potential attacks. This section will cover some of the more common tools used in SOCs.
  • Event Monitoring and Threat Hunting
    • SOC analysts spend a large amount of time analyzing network events and logs looking for oddities that might indicate an attack of some sort. There are lots of tools and techniques used to do this activity. This section will give a foundation for what event monitoring, indicators of compromise, and threat hunting are.
  • Vulnerability Management
    • Every day, new vulnerabilities are announced for software and hardware devices deployed across the globe. Attackers take these announcements and immediately look for ways to take advantage of them. A key component of enterprise defense operations is reducing the potential attack surface through a process known as vulnerability management. Vulnerability management is an art unto itself, and in this section we will talk about some of the ways to help master the art form.
  • Incident Response
    • More and more organizations are in the news with reports of being “hacked”. If you work at a SOC, you will have security incidents that require urgent attention. This section will discuss the basic principles of incident response.
  • Course Conclusion and Final Comments
    • In this section, we will summarize some of the major ideas and key takeaways we have been learning about, and discuss ways to continue to grow our knowledge.
  • Bonus Module
    • This module underscores the importance of SIEM solutions, the key challenges of traditional SIEM, and an understanding of next-generation SIEM.

Taught by

EC-Council
