Information Security Operations Center ISOC for Non-Techies
Offered By: Udemy
Course Description
Overview
What you'll learn:
- You will learn the background of Cybersecurity & Hacking.
- You will have an increased awareness of hacking as a profession, You will go through data breaches occurring in different corporates
- You will go through an introduction of what a security operations center is, what are the branches within cyber security and the various job roles available
- You will understand network concepts, network topologies and layered communication in this course
- You will start using Maltego Tool after you go through a demo of the Maltego community edition 4.2.4.
- You can formulate various mitigation strategies, phishing & firewalls, intrusion detection and prevention systems.
- You can give insightful talks on zero-day exploit, malware and its types and man in the middle (mitm) attack
- You will learn the OSI Model, various mnemonics, protocol data units etc.
- You will learn the different components of Hacking: Reconnaissance, Scanning, Gaining access, Maintaining access & Clearing tracks.
- You will feel confident and comfortable with cyber kill chain methodology and how a traditional kill chain model works
- You will build your capability in information security attack vectors, phishing techniques, whaling and phishing mitigation.
- Introduction to SIEM: You will gain real time insights on Security information and event management and Security event manager
- You will identify threats and possible breaches and collect audit logs for security and compliance.
- You will learn that Defense in Depth (DiD) is an approach to cybersecurity in which a series of defensive mechanisms are layered
- You can understand how an attacker can come in and tries to understand how a corporate environment is setup of a target.
- You will learn what SIEM and Log Management mean for businesses & how to use them more effectively to mitigate risk for your company.
- You will learn that SIEM is necessary because of the rise in data breaches and to meet stringent compliance requirements
- Learn the right approach to building SIEM use cases, how to organize and prioritize use cases effectively.
- You will learn the SIEM elements, Big 3, Process flow, Features, Event life cycle, SOC controls and mgmt, SIEM architecture, Dashboards and Use cases
- You will revisit features of SIEM and learn SIEM deployment options
- SIEM Essentials Quiz
- You will learn the fundamentals of IP using a network simulation tool demo
- You will have a Complete Hands-on on Exploit Database, Online Cameras, People Search, DNS Search, Pastebin etc
- You will go through a demo on how to install and use Splunk Enterprise Security
An information security operations center (ISOC or SOC) is a facility where enterprise information systems (web sites, applications, databases, data centers and servers, networks, desktops and other endpoints) are monitored, assessed, and defended.
Have you ever wondered exactly how hackers 'hack'? Do words like firewalls, encryption, bio-metrics and malware sound confusing to you? Have you been looking for a course that teaches you all the basics of both information and cyber security in a fun relaxed manner? If so then you are going to find this course absolutely perfect for you.
This is a course that is perfect as an introductory one for individuals and students who are interested in becoming cyber security or information security professionals. It is also ideal for students who just want to have a well rounded knowledge about the basic concepts used in the world of information security.
PERFECT FOR COMPLETE BEGINNERS
This course is intended primarily for students who have little to no prior background or knowledge about the field of cyber security.
Course Curriculum
In the very first section, we will cover the basic terminologies used and discuss topics like the trinity of IT security and computer protocols.
Section 1:
You will learn the background of Cybersecurity & Hacking. You will learn what is cyber-security and the growing demand
for professionals. You will have clarity on what is a basic network, cia triad,essential terminologies used etc. You will go through an introduction to kali linux operating system in this section
Section 2:
You will gain insights on what is cyber security, what are the components, why you should choose this as a career. You will understand that cyber security is about protecting systems, networks, programs, data and money.
Section 3:
You will have an increased awareness of hacking as a profession, they will go through data breaches occurring in Yahoo, Equifax, Target stores, Sony's play station network etc. You can understand how hacking can be as a profession, types of hackers, what is information risk management regime, companies with data breaches.
Section 4:
You will go through an introduction of what a security operations center is, what are the branches within cyber security
and the various job roles available within cyber security
Section 5:
You will understand network concepts, network topologies and layered communication in this course
Section 6:
We start off where we left, in the previous section 5 we dealt with the fundamental concepts such as Basic Network, CIA Triad, Network concepts, Security Operations Center and Job Roles. Section 6 starts with a refresher on network concepts, topologies etc and connects you to the previous section.
Section 7&8:
These two sections give a good insight on the OSI Model and all the Layers:
a)Physical layer b)Data link layer c)Network layer d)Transport layer e)Layered packet format f)Flow control g)Error control
f)Connection-orientedness vs connectionless g)Session layer and responsibilities h)Presentation layer and its
responsibilities i)Summary of layers
Section 9:
In this section you will learn important concepts like TCP/IP protocol suite and Domain name system hierarchy.
Section 10: Components of Hacking:
Reconnaissance
Scanning
Gaining access
Maintaining access
Clearing tracks
Section 11: Ethical hacking Mindmap
Ethical hacking
Places of ethical hacking
Mind map
Section 12: DoS and DDoS
Denial of services
Symptoms of dos attack
Slow performance
Increase in spam emails
Unavailability of a resource
Loss of access to a website
Denial of access to any internet services
Distributed denial of services (DDoS)
DoS/DDoS attack techniques
Land and flood attacks
Service request floods
Section 13: SYN flooding attach using hping3
Section 14: Hacking : Counter Measures Strategies
Counter-measures
DoS/DDoS countermeasure strategies
Detech and neutralize handlers
Monitoring the activities running on a system of network
Deflect attacks by load balancing
Mitigate attacks disabling unnecessary services
Intrusion detection systems
Wavelet analysis
Section 15: Metasploit test
Metasploit is so popular is the wide range of tasks that it can perform to ease the work of penetration testing to make
systems more secure. Metasploit is available for all popular operating systems.
Vulnerability
Exploit
Payload
Meterpreter
Section 16: Maltego Tool Demo
You will go through a demo of the maltego community edition 4.2.4
Section 17: Cyber kill chain methodology
You will gain insights on cyber kill chain methodology and how a traditional kill chain model works: recon,weaponize, deliver, exploit, install, c2, actions.
Section 18:
You will build their capability in information security attack vectors, phishing techniques, whaling and phishing mitigation. You will understand the types of ransom-wares, how crypto ransomware works, you will go through a real world example of a ransomware attack on the Bristol airport screens.
Section 19 & 20:
You will understand the various mitigation strategies, phishing & firewalls, intrusion detection and prevention systems. You will gain knowledge on zero-day exploit, malware and its types, man in the middle (mitm) attack and web application security.
Section 21:
You will gain real time insights on Security information and event management and Security event manager
Section 22:
You will identify threats and possible breaches and collect audit logs for security and compliance. You will be able to conduct investigations and provide evidence.
Section 23:
You will learn that Defense in Depth (DiD) is an approach to cybersecurity in which a series of defensive mechanisms are layered in order to protect valuable data and information.
Section 24:
You can understand how an attacker can come in and tries to understand how a corporate environment is setup of a target.
Section 25:
You will learn what SIEM and Log Management mean for businesses & how to use them more effectively to mitigate risk for your company.
Section 26:
You will learn that SIEM is necessary because of the rise in data breaches and to meet stringent compliance requirements
Section 27:
Learn the right approach to building SIEM use cases, how to organize and prioritize use cases effectively.
Section 28:
You will learn the SIEM elements, Big 3, Process flow, Features, Event life cycle, SOC controls and mgmt, SIEM architecture, Dashboards and Use cases
Section 29:
You will revisit features of SIEM and learn SIEM deployment options like self-hosted, self-managed to Hybrid-model, Jointly-managed. You will understand the business benefits of SIEM.
Section 30:
SIEM Essentials Quiz
Who this course is for:
Students who want to learn the basics of computer and cyber security
Students who want to become IT or Cyber Security Experts
Testimonials:
Perfect Beginning for a new learner ~ Sairam Chaganti
The resource links shared are very useful ~ Mohammed M. Goni
Just Good ~ TazQ
The course is packed with information that is very easy to follow for a beginner, I definitely feel like I'm learning something new with every video I watch :) ~ Kory Williams
Very useful course, i leaned a lot from it , i really like it , i recommend this instructor ! ~ Souha Djim
Good for a beginner ~ Goli Uma Sankar
Très bon travail. Merci (Very good work. Thanks) ~ Mohamed ABDOU
Taught by
Sai Acuity Institute of Learning Pvt Ltd Enabling Learning Through Insight!
Related Courses
Cloud Data SecurityUniversity of Minnesota via Coursera Incident Response and Recovery
(ISC)² via Coursera Cyber Threats and Attack Vectors
University of Colorado System via Coursera Киберугрозы и векторы атаки
University of Colorado System via Coursera Cybersecurity in Healthcare (Hospitals & Care Centres)
Erasmus University Rotterdam via Coursera