- lectures and labs
- 3 days
The course provides a thorough overview of the tasks, processes, procedures, escalation workflows and tools used by a Tier 2 Security Analyst. Through use cases, examples, and hands-on exercises, participants investigate a variety of critical incident response scenarios. The instructional material emphasizes decision-making and prioritization, with the goal of teaching students how to make an assessment in a short amount of time using security monitoring instrumentation, contextual analysis and correlation to indicators of network exploitation. Students develop a broader understanding of the role the SOC fulfills in the larger organization, and are exposed to the legal and regulatory compliance issues associated with incident response and assessing organizational risk.