Master Class: SOC – Security Operations Center – Hands On Cyber Attack Simulation (MCSOC)

 

Course Overview

Analysis of past incidents shows repeatedly: Human error is the most common cause of delays and serious failures when dealing with cybersecurity incidents. In our SOC Master Class, we prepare you for the dynamics and complexity of such situations with numerous learning and practice elements.

In the training, participants are introduced to the essential technologies and processes for detecting and remediating cyberattacks. The knowledge acquired is then practiced in each case by means of the participants' own handling of simulated live attacks. For this purpose, an arena is used in which participants can safely practice various tactics for defense and remediation. In particular, cross-functional collaboration is also addressed. The exercises include technical elements as well as elements of incident, emergency and crisis management.

The Master Class is conducted by a facilitator ("White Team Trainer") and accompanied by an attacker ("Red Team Trainer").

Who should attend

Executives, managers and auditors for IT and information security, employees from the areas of IT and information security.

Prerequisites

The Master Class does not require specialized knowledge of specific technologies. Knowledge of IT security principles and information security management should be present.

Course Content

Malware
  • Current cyber threat situation and known incidents
  • Introduction to function and analysis of malware
  • Practice: Use of tools for malware analysis
SIEM, Level 1
  • Security Information and Event Management (SIEM) Introduction
  • SIEM architectures
  • Introduction Security Incident Management (SIM)
  • Practice: Use of Splunk and predefined rules for attack detection
Management of cyber crises, Level 1
  • Good and bad examples
  • Core process for crisis management
  • Situation center and situation pictures
  • Practice: Managing a serious cyber incident
Network forensics
  • Recap: TCP/IP protocol family
  • Secure network architectures
  • Introduction to protocol analysis tools
  • Practice: Detecting network-level attacks
SIEM, Level 2
  • Practice: Creating your own rules based on attacks
SOC Management and Reporting
  • SOC processes and roles
  • Practice: SIM process creation
  • KPI reporting
Management of cyber crises, Level 2
  • Introduction to TIBER-DE
  • Crisis communication
  • Practice: Creation of own cyber crisis exercises
Team exercise
  • Joint defense of a realistic cyber incident from detection to management

Prix & Delivery methods

Formation en ligne

Durée
5 jours

Prix
  • sur demande
Dates et Inscription
Demande de date
Formation en salle équipée

Durée
5 jours

Prix
  • sur demande
y compris la restauration
Dates et Inscription
Demande de date

Agenda

Instructor-led Online Training:   Course conducted online in a virtual classroom.
FLEX Classroom Training (hybrid course):   Course participation either on-site in the classroom or online from the workplace or from home.

Allemand

Fuseau horaire : Heure d'été d'Europe centrale (HAEC)

Formation en ligne
Option présentielle : Francfort, Allemagne Fuseau horaire : Heure d'été d'Europe centrale (HAEC)
Formation en ligne
Option présentielle : Francfort, Allemagne Fuseau horaire : Heure d'été d'Europe centrale (HAEC)
Formation en ligne
Option présentielle : Francfort, Allemagne Fuseau horaire : Heure normale d'Europe centrale (HNEC)

Anglais

7 heures de différence

Formation en ligne Fuseau horaire : Eastern Standard Time (EST)
Formation en ligne Fuseau horaire : Eastern Standard Time (EST)
Formation en ligne Fuseau horaire : Eastern Standard Time (EST)
FLEX Classroom Training (hybrid course):   Course participation either on-site in the classroom or online from the workplace or from home.

Allemagne

Francfort
Francfort
Francfort

Si vous ne trouvez pas de date adéquate, n'hésitez pas à vérifier l'agenda de toutes nos formations FLEX internationales