Goal: The aim of the course is to familiarise students with the purpose and tasks of a SOC, the different open source solutions, log management tools and procedures. The students will develop their own SOC instance guided by a Cisco CyberOps e-laerning course with the most common use cases. They may add additional components to the SOC, such as IDS/IPS systems and a honeypot solution of their choice, while also learning about the tasks and types of these devices.
Course description: The course reviews the purpose, function and key components and requirements of a SOC. The course is lab oriented.