CyberOps Associate
15/10/2022 to 17/10/2022 and 20/10/2022 to 24/10/2022
Today's organizations are challenged with rapidly detecting cybersecurity breaches and effectively responding to security incidents. Teams of people in Security Operations Centers (SOCs) keep a vigilant eye on security systems, protecting their organizations by detecting and responding to cybersecurity exploits and threats. CyberOps Associate prepares candidates to begin a career working as associate-level cybersecurity analysts within security operations centers.
Upon completion of the CyberOps Associate v1.0 course, students will be able to perform the following tasks:
- Install virtual machines to create a safe environment for implementing and analyzing cybersecurity threat events.
- Explain the role of the Cybersecurity Operations Analyst in the enterprise.
- Explain the Windows Operating System features and characteristics needed to support cybersecurity analyses.
- Explain the features and characteristics of the Linux Operating System.
- Analyze the operation of network protocols and services.
- Explain the operation of the network infrastructure.
- Classify the various types of network attacks.
- Use network monitoring tools to identify attacks against network protocols and services.
- Explain how to prevent malicious access to computer networks, hosts, and data.
- Explain the impacts of cryptography on network security monitoring.
- Explain how to investigate endpoint vulnerabilities and attacks.
- Evaluate network security alerts.
- Analyze network intrusion data to identify compromised hosts.
- Apply incident response models to manage network security incidents.
Baseline Equipment Bundle:
- PCs - minimum system requirements
  - CPU: Intel Pentium 4, 2.53 GHz or equivalent with virtualization support
  - Operating Systems, such as Microsoft Windows, Linux, and Mac OS
  - RAM: 8 GB
  - Storage: 40 GB of free disk space
  - Display resolution: 1024 x 768
  - Language fonts supporting Unicode encoding (if viewing in languages other than English)
  - Latest video card drivers and operating system updates
- Internet connection for lab and student PCs
- Oracle VM VirtualBox Manager (version 6.1.38 or later)
| Day | Topics | Objectives |
|---|---|---|
| Day 1 | The Danger | Explain why networks and data are attacked. |
| | Fighters in the War Against Cybercrime | Explain how to prepare for a career in cybersecurity operations. |
| | The Windows Operating System | Explain the security features of the Windows operating system. |
| | Linux Overview | Implement basic Linux security. |
| Day 2 | Network Protocols | Explain how protocols enable network operations. |
| | Ethernet and Internet Protocol (IP) | Explain how the Ethernet and IP protocols support network communications. |
| | Principles of Network Security | |
| | Connectivity Verification | |
| | Address Resolution Protocol | Analyze address resolution protocol PDUs on a network. |
| Day 3 | The Transport Layer | Explain how transport layer protocols support network functionality. |
| | Network Services | Explain how network services enable network functionality. |
| | Network Communication Devices | Explain how network devices enable wired and wireless network communication. |
| | Network Security Infrastructure | Explain how network devices and services are used to enhance network security. |
| Day 4 | Attackers and Their Tools | Explain how networks are attacked. |
| | Common Threats and Attacks | Explain the various types of threats and attacks. |
| | Observing Network Operation | Explain network traffic monitoring. |
| | Attacking the Foundation | Explain how TCP/IP vulnerabilities enable network attacks. |
| | Attacking What We Do | Explain how common network applications and services are vulnerable to attack. |
| Day 5 | Understanding Defense | Explain approaches to network security defense. |
| | Access Control | Explain access control as a method of protecting a network. |
| | Threat Intelligence | Use various intelligence sources to locate current security threats. |
| | Cryptography | Explain how the public key infrastructure supports network security. |
| Day 6 | Endpoint Protection | Explain how a malware analysis website generates a malware analysis report. |
| | Endpoint Vulnerability Assessment | Explain how endpoint vulnerabilities are assessed and managed. |
| | Technologies and Protocols | Explain how security technologies affect security monitoring. |
| | Network Security Data | Explain the types of network security data used in security monitoring. |
| Day 7 | Evaluating Alerts | Explain the process of evaluating alerts. |
| | Working with Network Security Data | Interpret data to determine the source of an alert. |
| | Digital Forensics and Incident Analysis and Response | Explain how the CyberOps Associate responds to cybersecurity incidents. |
| Day 8 | Complete all labs and module/practice exams | |
| | Final Exam | |