Cisco® Securing Cisco® Networks with Threat Detection and Analysis (SCYBER) 1.0

Skills covered:
Displaying courses for United States [Change]


This course is designed to teach students how a network security operations center (SOC) works and how to begin to monitor, analyze, and respond to security threats within the network.


This lab-intensive training course prepares you to take the Cyber Security Specialist Certification exam (exam ID = 600-199) and to hit the ground running as a security analyst team member.


This course is designed for technical professionals who need to know how to monitor, analyze, and respond to network security threats and attacks.


Attacker Methodology

  • Defining the Attacker Methodology
  • Identifying Malware and Attacker Tools
  • Understanding Attacks

Defender Methodology

  • Enumerating Threats, Vulnerabilities, and Exploits
  • Defining SOC Services
  • Defining SOC Procedures
  • Defining the Role of a Network Security Analyst
  • Identifying a Security Incident

Defender Tools

  • Collecting Network Data
  • Understanding Correlation and Baselines
  • Assessing Sources of Data
  • Understanding Events
  • Examining User Reports
  • Introducing Risk Analysis and Mitigation

Packet Analysis

  • Identifying Packet Data
  • Analyzing Packets Using Cisco IOS Software
  • Accessing Packets in Cisco IOS Software
  • Acquiring Network Traces
  • Establishing a Packet Baseline
  • Analyzing Packet Traces

Network Log Analysis

  • Using Log Analysis Protocols and Tools
  • Exploring Log Mechanics
  • Retrieving Syslog Data
  • Retrieving DNS Events and Proxy Logs
  • Correlating Log Files

Baseline Network Operations

  • Baselining Business Processes
  • Mapping the Network Topology
  • Managing Network Devices
  • Baselining Monitored Networks
  • Monitoring Network Health

Incident Response Preparation

  • Defining the Role of the SOC
  • Establishing Effective Security Controls
  • Establishing an Effective Monitoring System

Security Incident Detection

  • Correlating Events Manually
  • Correlating Events Automatically
  • Assessing Incidents
  • Classifying Incidents
  • Attributing the Incident Source


  • Scoping the Investigation
  • Investigating Through Data Correlation
  • Understanding NetFlow
  • Investigating Connections Using NetFlow

Mitigations and Best Practices

  • Mitigating Incidents
  • Using ACLs
  • Implementing Network-Layer Mitigations and Best Practices
  • Implementing Link-Layer Best Practices


  • Documenting Communication
  • Documenting Incident Details

Post-Event Activity

  • Conducting an Incident Post-Mortem
  • Improving Security of Monitored Networks

Training provider

Teaching mode:
Classroom - Instructor Led
Online - Instructor Led
Duration: 5 days
Gooroo has partnered with the global leaders in IT training to give you access to quality training, personalised to you, targeted at increasing your job opportunities and salary.

Our pricing

We do not display pricing as Gooroo members qualify for special discounts not available elsewhere. You must enquire through Gooroo to get this benefit.

New courses are happening all the time

Our partner's expert training consultant will provide you with the times and all the details you need. Enquire today.

Top skills covered in this course

United States
This skill has an average salary of
and is mentioned in
of job ads in this area.
iOS (Apple)
United States
This skill has an average salary of
and is mentioned in
of job ads in this area.