Security Operations Center in Practice
Course provided by IBM
About this course
- Get acquainted with the benefits and risks of leveraging cloud technologies
- Employ high-end security enterprise solutions
- Insight into threat modelling methods and frameworks
- Understand Security Operations Center responses to incoming cybersecurity threats
- Analyse the roles and archetypes that work in concert to address cybersecurity incidents
How does it work?
- This course is divided into three practice levels to progress through at your own pace.
- Each level covers more advanced topics and builds up on top of the concepts, practice and skills addressed on the previous practice levels.
Who should take this course
- If you already have a lot of experience in cyber security, but desire to dig deeper into advanced concepts such as high-end security enterprise solutions and threat modelling methods and frameworks, this course is right for you.
- If youve completed our Getting Started with Threat Intelligence and Hunting and Enterprise Security in Practice foundation and intermediate courses, this is the logical next step for your knowledge building.
- EITHERComplete the Enterprise Security in Practice course from the Cyber Security Series.
- OR You will need prior knowledge on the following subjects before joining this course:
- Motivations behind cyber-attacks, impact on known targeted companies, and the cyber resilience framework.
- Market statistics, attack surfaces and vectors in the following industries: Energy and Utilities, Healthcare, Federal government.
- Kill chain analysis, statistics and examples for the following cyber-attack approaches: DDoS, Botnets, Injection Attacks, Shellshock, SQL Injection, Watering Hole, Brute Force, Phishing and Ransomware.
- First-hand experience using pen testing tools such as: Terminal CLI commands, Telnet, SSH, Nmap, Wireshark, and browser-based security practices.
- Real-world use case experience on the sequence of events that occur within a company when exposed to a cyber-attack from an infrastructure perspective to the roles involved in the incident, including the CEO, CISO, DBA, and Network administrators.