Description
This class will teach the operational aspects of running a cyber security program within an enterprise environment. Some topics include security sensors, security data collection, incident prevention, incident detection & response, and endpoint forensics for incident response.
Course Goals and Learning Outcomes
- Students will understand the basic concepts of information security and how they apply to security operations.
- Students will learn the background information and skillsets necessary to operate as an effective cyber security operations staff member and leader.
- Students will understand options for the layout and management of a security operations center and how these choices affect the performance and abilities of the center.
- Students will be able to perform basic incident triage, including analyzing network and host artifacts.
- Students will understand the lifecycle of a security incident from discovery to reporting to executives.
- Students will understand the function of currently used security operations center tools, including both analysis environments and instrumentation of the enterprise environment.
- Students will understand the importance of vulnerability management and be able to perform it.