Google

SecOps on GDC for Tier 1 and Tier 2 Analysts

Google via Google Skills

Overview

This course gives you a deep dive into the workflows of Tier 1 and Tier 2 security analysts.

Syllabus

  • Course overview
    • Course overview
  • Monitoring and intake for Tier 1 analysts
    • Module overview
    • Monitoring security events
    • Automated detection methods
    • Internal detection methods
    • External detection methods
    • Incident intake
    • Alert triage
    • The alert triage process
    • Alert triage at Cymbal Federal
    • Alert triage best practices
    • Data collection
    • Data categorization
    • Impact Assessment
    • Tier 1 remediation actions
    • A phishing attack at Cymbal Federal is fully resolved in Tier 1
    • A phishing attack at Cymbal Federal is escalated to Tier 2
    • Support processes
    • ServiceNow tickets
    • Collaborating with other Tier 1 analysts
    • Support processes at Cymbal Federal
    • Module review
    • Knowledge check
  • Incident response for Tier 2 analysts
    • Module overview
    • Incident response for Tier 2
    • Reception of an escalated incident ticket
    • Review of an escalated ticket
    • Ticket management with ServiceNow
    • An escalated ticket at Cymbal Federal
    • Incident investigation
    • Data correlation during investigation
    • Key sources for data correlation
    • Data correlation at Cymbal Federal
    • Incident analysis during investigation
    • System analysis strategies
    • System analysis at Cymbal Federal
    • Malware analysis strategies
    • Malware analysis at Cymbal Federal
    • Network traffic analysis strategies
    • Network traffic analysis at Cymbal Federal
    • Key points about incident investigation
    • Remediation of an incident
    • Containing a malware outbreak at Cymbal Federal
    • Containing a malware outbreak at Cymbal Federal
    • Remediation of a DDoS attack at Cymbal Federal
    • Key points on containment and remediation
    • The recovery process
    • Recovery from a DDoS attack at Cymbal Federal
    • Report on an incident
    • Postmortem
    • Postmortem for a malware attack at Cymbal Federal
    • Support processes for escalation and collaboration
    • Common questions on support processes
    • Module review
    • Knowledge check
  • Runbooks in action: Predefined incident response processes for Tier 1 and Tier 2 analysts
    • Module overview
    • Introduction to coded guidelines
    • Incident response plans, playbooks, and runbooks
    • Determining ownership assignment
    • Determining impact severity
    • Runbooks in SecOps
    • Runbooks for Tier 2 incident response
    • Runbooks for containment, remediation, and recovery
    • Runbooks for post-incident actions
    • Common runbooks for GDC
    • Runbooks at Cymbal Federal
    • Module review
    • Knowledge check
  • Resources
    • Course Slides
    • Additional Resources
  • Your Next Steps
    • Course Badge
