Essential Defender 202: Security Operations Fundamentals
- Duration: 16 hours
- Delivery Options: Online, In-person, Hybrid
Start learning key defensive security concepts with a focus on following an attacker through the Cyber Kill Chain. Learn how to recognize indicators of compromise. Key concepts and tools include commercial SIEMs and firewalls, and other investigation tools.
Who should take this course
ED-202 is designed for professionals starting out in cyber and information security. It is recommended for those who have completed either A.C.E.-Core or ED-201.
How can you take this course
- Available online live with an instructor
- Available in-person, either at Purdue or at your location
- Available as a combination of online and in-person
What tools you will use
Participants will get hands-on experience with industry tools such as Active Directory, QRadar, Palo Alto Firewalls, Zenoss, SysInternals, McAfee ePO, and more.
What you can expect from Essential Defender 202: Security Operations Fundamentals
As a continuation of the Essential Defender series, ED-202 reinforces the identification of indicators of compromise in network traffic. Participants are tasked with identifying three cyberattacks from the attack traffic alone, using commercial investigation tools. While the course is scoped only to identifying a cyberattack, the range instructor will provide suggestions for recovery and remediation in a limited capacity.
- Upskill current workforce
- Get hands-on with industry tools in virtual labs.
- Perfect for I.T. teams expanding their responsibilities
- Gain an understanding of network traffic.
- Learn industry tools in virtual labs.
- Taught remotely or in-person
While ED-202 is recommended for teams, it can be taken as an individual. The course is taught through three instructor-led Purdue Cyber Range scenarios over the course of a day.
Purdue Cyber Range is a virtual testing ground that allows individuals and teams to experience both defensive and offensive cyberattack scenarios. Each scenario is overseen by a Range Master, ensuring your team's experience is as educational as possible.
Network Traffic Analysis: Learn the basics of vulnerability assessments, including testing, methodologies, scanning, documentation reviews, and threat hunting.
Incident Response: Understand the foundations of identifying, containing, and recovering from a cyber attack.
Forensics: Identify and assess indicators of compromise on systems such as SQL, IIS, and Domain Controller.
It is recommended that all cyberTAP courses be taken on a laptop or PC that runs either Windows or Linux as an operating system. We also recommend having fast and reliable internet access.