Course Description


This class will teach the operational aspects of running a cyber security program within an enterprise environment.  Some topics include security sensors, security data collection, incident prevention, incident detection & response, and endpoint forensics for incident response.

Course Goals and Learning Outcomes

  • Students will understand the basic concepts of information security and how they apply to security operations.
  • Students will learn the background information and skill sets necessary to operate as an effective cyber security operations staff member and leader.
  • Students will understand options for the layout and management of a security operations center and how these choices affect the performance and abilities of the center.
  • Students will be able to perform basic incident triage, including analyzing network and host artifacts.
  • Students will understand the lifecycle of a security incident from discovery to reporting to executives.
  • Students will understand the function of currently used security operations center tools, including both analysis environments and instrumentation of the enterprise environment.
  • Students will understand the importance of vulnerability management and be able to perform it.

Course Schedule