04-800-AH Cybersecurity Operations Project
Location: Africa
Units: 12
Semester Offered: Fall, Spring
Course description
This course is designed to provide students with practical experience in cybersecurity incident detection and response in a real-world setting. In this course, students will get an in-depth understanding of Security Operations Center (SOC) roles and responsibilities, as well as the open source technologies used to detect, analyze, track and respond to security incidents. Students will gain practical skills in SOC operations, including continuous monitoring, threat intelligence, threat hunting, incident response, use of SOC tools, as well as managing and tuning them. The course combines theoretical knowledge with hands-on labs to prepare students for real world security challenges to get them started as TIER I SOC analysts.
Learning objectives
At the conclusion of this course, students will be able to:
- Explain endpoint and network architecture concepts
- Explain threat hunting concepts
- Describe incident response activities
- Triage and classify security alerts
- Apply tools to investigate malicious activity
- Demonstrate incident response communication
- Apply attack mitigation best practices
Outcomes
Students will learn how to develop and implement open-source cybersecurity operations solutions. These solutions lower barriers of entry in underserved markets, by providing cost effective alternatives to licensed proprietary cybersecurity solutions.
Content details
- Introduction to security operations
- Threat intelligence and threat hunting
- Security Information And Event Management (SIEM)
- Host and network security monitoring
- Incident response planning
- Malware analysis
- Incident handling and communication
- Security Orchestration, Automation and Response (SOAR)
- Advanced threats and attack techniques
- SOC best practices and future trends
Prerequisites
- Introduction to Information Security (18-631) and
- Cyber Defense (04-623) or Ethical Hacking (04-720)