CyberOps Associate

15/10/2022 to 17/10/2022 and 20/10/2022 to 24/10/2022

Today's organizations are challenged with rapidly detecting cybersecurity breaches and effectively responding to security incidents. Teams of people in Security Operations Centers (SOCs) keep a vigilant eye on security systems, protecting their organizations by detecting and responding to cybersecurity exploits and threats. CyberOps Associate prepares candidates to begin a career working as associate-level cybersecurity analysts within security operations centers.

Upon completion of the CyberOps Associate v1.0 course, students will be able to perform the following tasks:

  • Install virtual machines to create a safe environment for implementing and analyzing cybersecurity threat events.

  • Explain the role of the Cybersecurity Operations Analyst in the enterprise.

  • Explain the Windows Operating System features and characteristics needed to support cybersecurity analyses.

  • Explain the features and characteristics of the Linux Operating System.

  • Analyze the operation of network protocols and services.

  • Explain the operation of the network infrastructure.

  • Classify the various types of network attacks.

  • Use network monitoring tools to identify attacks against network protocols and services.

  • Explain how to prevent malicious access to computer networks, hosts, and data.

  • Explain the impacts of cryptography on network security monitoring.

  • Explain how to investigate endpoint vulnerabilities and attacks.

  • Evaluate network security alerts.

  • Analyze network intrusion data to identify compromised hosts.

  • Apply incident response models to manage network security incidents.

Baseline Equipment Bundle:

  • PCs - minimum system requirements

    • CPU: Intel Pentium 4, 2.53 GHz or equivalent with virtualization support

    • Operating Systems, such as Microsoft Windows, Linux, and Mac OS

    • 64-bit processor

    • RAM: 8 GB

    • Storage: 40 GB of free disk space

    • Display resolution: 1024 x 768

    • Language fonts supporting Unicode encoding (if viewing in languages other than English)

    • Latest video card drivers and operating system updates

  • Internet connection for lab and student PCs

  • Oracle VM VirtualBox Manager (version 6.1.38 or later)

Course schedule:

| Day   | Topics                                               | Objectives                                                                      |
|-------|------------------------------------------------------|---------------------------------------------------------------------------------|
| Day 1 | The Danger                                           | Explain why networks and data are attacked.                                     |
|       | Fighters in the War Against Cybercrime               | Explain how to prepare for a career in cybersecurity operations.                |
|       | The Windows Operating System                         | Explain the security features of the Windows operating system.                  |
|       | Linux Overview                                       | Implement basic Linux security.                                                 |
| Day 2 | Network Protocols                                    | Explain how protocols enable network operations.                                |
|       | Ethernet and Internet Protocol (IP)                  | Explain how the Ethernet and IP protocols support network communications.       |
|       | Principles of Network Security                       |                                                                                 |
|       | Connectivity Verification                            |                                                                                 |
|       | Address Resolution Protocol                          | Analyze address resolution protocol PDUs on a network.                          |
| Day 3 | The Transport Layer                                  | Explain how transport layer protocols support network functionality.            |
|       | Network Services                                     | Explain how network services enable network functionality.                      |
|       | Network Communication Devices                        | Explain how network devices enable wired and wireless network communication.    |
|       | Network Security Infrastructure                      | Explain how network devices and services are used to enhance network security.  |
| Day 4 | Attackers and Their Tools                            | Explain how networks are attacked.                                              |
|       | Common Threats and Attacks                           | Explain the various types of threats and attacks.                               |
|       | Observing Network Operation                          | Explain network traffic monitoring.                                             |
|       | Attacking the Foundation                             | Explain how TCP/IP vulnerabilities enable network attacks.                      |
|       | Attacking What We Do                                 | Explain how common network applications and services are vulnerable to attack.  |
| Day 5 | Understanding Defense                                | Explain approaches to network security defense.                                 |
|       | Access Control                                       | Explain access control as a method of protecting a network.                     |
|       | Threat Intelligence                                  | Use various intelligence sources to locate current security threats.            |
|       | Cryptography                                         | Explain how the public key infrastructure supports network security.            |
| Day 6 | Endpoint Protection                                  | Explain how a malware analysis website generates a malware analysis report.     |
|       | Endpoint Vulnerability Assessment                    | Explain how endpoint vulnerabilities are assessed and managed.                  |
|       | Technologies and Protocols                           | Explain how security technologies affect security monitoring.                   |
|       | Network Security Data                                | Explain the types of network security data used in security monitoring.         |
| Day 7 | Evaluating Alerts                                    | Explain the process of evaluating alerts.                                       |
|       | Working with Network Security Data                   | Interpret data to determine the source of an alert.                             |
|       | Digital Forensics and Incident Analysis and Response | Explain how the CyberOps Associate responds to cybersecurity incidents.         |
| Day 8 | Complete all labs and module/practice exams          |                                                                                 |
|       | Final Exam                                           |                                                                                 |