TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies

 

Course Overview:

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies is the big picture overview of a SOC, other courses provide a deep dive into the technologies that a SOC may utilize. This course addresses the internal workings of staff, skills required, required authorizations, internal agreements, and setting appropriate expectation levels of a SOC within budget constraints. A SOC is not a one size fits all, the instructor has decades of security experience and brings to the table opportunities to discuss what can work within constraints. Many organizations are coming to the realization that some level of a SOC is now required and to learn just what decisions need to be made: Out-sourced, In-sourced, budgets, capabilities and many more. Students leave with a worksheet of how to progress when they get back to their organization.

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies – Is a course that incorporates lecture, demos, and group exercises for standing up a Security Operations Center (SOC). Students learn strategies and resources required to deploy, build, and run Network Security Monitoring (NSM) and work roles and flows for a SOC. No network is bullet proof and when attackers access your network, this course will show you options and resources to build a security net to detect, contain, and control the attacker. Examples on what it takes to architect an NSM solution to identify sophisticated attackers and a response strategy. Properly implemented detection and response technologies is integral to incident response and provides the responders timely information and tools to react to the incident. Effective demonstrations are given of Open Source technologies that build up a SOC, but any software can be used and demonstrations are provided to demonstrate technology families not push a specific solution.

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies demonstrations utilize a cyber range that gives each student in-depth knowledge of monitoring live systems to include: Cisco, Windows, Linux, IoT, and Firewalls; and software and services to provide orchestrate Incident Response, Intelligence Analysis, and Hunt Operations.

Attendees to TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies class will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 2 Days

Course Objective:

    • To provide management an overview of what it takes to stand up a SOC.

Prerequisites:

  • Students should have an understanding of the security field.

Course Outline:

  • What threats does my organization care about?
  • What does a threat look like?
  • What does a threat look like?
  • How to present the SOC internally.
  • Communication with Stakeholders and Executives
    • Leveraging and integrating existing security measures
  • People
    • Establishing a skill matrix and work roles for SOC members
    • Establishing a training path
    • Personnel background requirementsProcesses
  • Processes
    • Alignment to standards: NIST, PCI, HIPAA, etc.
    • Risk related decision trees
    • Playbooks
    • Threat Intelligence Integration
  • Technology – Tool Suites to Support:
    • Ethical Hacking
    • Network Security Monitoring and SIEM
    • Forensics
    • Dashboards
    • Analysis and Hunting
    • Incident Management and Ticketing

 

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!

TN-812: Information Systems Security Engineering Professional (ISSEP)

Course Overview:

This concentration was developed in conjunction with the U.S. National Security Agency (NSA) providing an invaluable tool for any systems security engineering professional. CISSP®-ISSEP is the guide for incorporating security into projects, applications, business processes, and all information systems. Security professionals are hungry for workable methodologies and best practices that can be used to integrate security into all facets of business operations. The SSE model taught in the IATF portion of the course is a guiding light in the field of information security and the incorporation of security into all information systems.

Attendees to TN-812: Information Systems Secuirty Engineering Professional (ISSEP) will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • Systems Security Engineering
  • Certification and Accreditation
  • Technical Management
  • U.S. Government Information Assurance Governance

Prerequisites:

Comments

Latest comments from students

User: fsarisen

Instructor comments: Thank you Tim for all the great information! I am confident that I'll do well on the ICND exam.

User: storoy30

Instructor comments: The instructor, Tim Burkard, was very knowledgeable on the course material and skilled at explain more complex ideas.

Liked the class?  Then let everyone know?

TN-835: Certified in Risk and Information Systems Control (CRISC) Preparation Seminar

Course Overview:

Certified in Risk and Information Systems Control (CRISC), is for professionals responsible for an organization's risk management program.  Students looking to acquire CRISC qualify themselves as IT security analyst, security engineer architect, information assurance program manager and senior IT auditor.  CRISC certified professionals manage risk, design and oversee response measures, monitor systems for risk, and ensure the organization's risk management strategies are met.

The CRISC exam will primarily align with the terminology and concepts described in The Risk IT Framework, The Risk IT Practioner Guide, and COBIT 5.  This will include applications in the evaluation and monitoring of IT-based risk, as well as the design and implementation of IS controls. 

The CRISC exam covers four domains that are periodically updated to reflect the changing needs of the profession:

  • Domain 1: Risk Identification 
  • Domain 2: Risk Assessment
  • Domain 3: Risk Response and Mitigation
  • Domain 4: Risk and Control Monitoring and Reporting

This course is designed to assist in your exam preparation for the CRISC exam.

Attendees to TN-835: Certified in Risk and Information Systems Control (CRISC) Seminar will receive TechNow approved course materials and expert instruction.

Dates/Locations:

Date/Time Event
09/30/2024 - 10/04/2024
08:30 -16:30 		TN-835: Certified in Risk and Information Systems Control (CRISC) Preparation Seminar
TechNow, Inc, San Antonio TX

Duration: 5 Days

Course Objectives:

  • Risk IT Framework—Purpose and Principles
  • Essentials of Risk Governance, Evaluation, and Response
  • Risk and Opportunity Management Using CobiT, Val IT and Risk IT
  • The Risk IT Framework Process Model Overview
  • Managing Risk in Practice—The Practitioner Guide Overview
  • Overview of the Risk IT Framework Process Model 
  • The Risk IT Framework

Prerequisites:

A minimum of at least three (3) years of cumulative work experience performing the tasks of a CRISC professional across at least three (3) CRISC domains is required for certification. There are no substitutions or experience waivers.

Comments

Latest comments from students

User: tracycampbell

Instructor comments: Dave had great command of the class and the flow of information. The lessons seem relevant to the exam and the course material should assist greatly with passing. As a bonus, his breakdown of PKI helped with my current job requirements.

Facilities comments: The Home2Suites by Hilton was FANTASTIC!

Liked the class?  Then let everyone know!

TN-822: Certified Information Systems Auditor (CISA) Seminar

Course Overview:

The mark of excellence for a professional certification program is the value and recognition it bestows on the individual who achieves it.  The technical skills & practices the CISA promotes and evaluates are the building blocks of success in the field. Possessing the CISA designation demonstrates proficiency and is the basis for measurement in the profession.  With a growing demand for professionals possessing IS audit, control and security skills, CISA has become a preferred certification program by individuals and organizations around the world.  CISA certification signifies commitment to serving an organization and the IS audit, control and security industry with distinction.  This course will help the student prepare to obtain this credential.

Attendees to TN-822: Certified Information Systmes Auditor (CISA) Seminar will receive TechNow approved course materials and expert instruction.

Document Flow Chart iconsm

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • The IS Audit Process (10%)
    • Provide IS audit services in accordance with IS audit standards, guidelines, and best practices to assist the organization in ensuring that its information technology and business systems are protected & controlled.
  • IT Governance (15%)
    • Provide assurance that the organization has the structure, policies, accountability, mechanisms and monitoring practices in place to achieve the requirements of corporate governance of IT.
  • System and Infrastructure Life Cycle Management (16%)
    • Provide assurance that the management practices for the development/acquisition, testing, implementation, maintenance and disposal of systems and infrastructure will meet the organization's objectives.
  • IT Service Delivery and Support (14%)
    • Provide assurance that the IT service management practices will ensure the delivery of the level of services required to meet the organization's objectives.
  • Protection of Information Assets (31%)
    • Provide assurance that the security architecture (policies, standards, procedures and controls) ensures the confidentiality, integrity and availability of information assets.
  • Business Continuity and Disaster Recovery (14%)
    • Provide assurance that, in the event of a disruption, the business continuity and disaster recovery processes will ensure the timely resumption of IT services, while minimizing the business impact.

Prerequisites:

A minimum of five years of professional information systems auditing, control & security work experienced is required.  Experience must have been gained within the 10-year period preceding the application date for certification, or within five years from the date of initially passing the examination.

Comments

Latest comments from students

User: fsarisen

Instructor comments: Thank you Tim for all the great information! I am confident that I'll do well on the ICND exam.

User: storoy30

Instructor comments: The instructor, Tim Burkard, was very knowledgeable on the course material and skilled at explain more complex ideas.

Liked the class?  Then let everyone Know!