Semester 2 / ECTS Credits: 6 ECTS
Course Description:
The main objective of this course is to give a short and focused introduction to Integrated Systems of Information Security, with particular emphasis on Cybersecurity and the Security Operations Centers (SOCs).
Students will gain comprehensive knowledge and practical skills of the topic covered with the theories, concepts, and hands-on exercises.
Throughout this course, integration capability and matures levels model of SOC (SOC-CMMi) will discussed in conjunction to different types of SOC and its basic elements (personnel, business processes, technologies, tools, and platforms).
Also, different SOC implementation will be presented with practical examples of integration practices in the SAD, the Germany, and the Croatia, also in the EU and the NATO. It will cover SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) in the field of Integrated Systems of Information Security.
A overview and the goal of the simulation exercise in field of the Cyber Security will be explained via these practical examples: the Cyber Shield 2019, the Cyber Coalition, and the Trident Juncture.
Students will gain knowledge about the most important steps in build the Security Operations Centre and examples of best practices.
Practical skills will be obtained during lab work using Splunk as an SOC investigative tool by working on real-life scenarios.
Learning Outcomes:
- Understand the terminology from / (in) the field of the Integrated Systems of Information Security.
- Compare different methods, architects, and types of Integrated Systems of Information Security.
- Independently collect, analysis, and visualization of data in SOC..
- Apply tools for management of Integrated Systems of Information Security.
- Assessment capability and matures levels of Integrated Systems of Information Security.
- Understand the organization and activities in the cyberspace.
Course content lectures:
- Introduction to the Integrated Systems of Information Security
- Integrated Systems of Information security
- Cyber Security as a part of the Homeland Security
- The Security Operations Center (SOC)
- The Personnel in the SOC
- The Business Processes in the SOC
- The Technologies, Tools, and Platforms in the SOC
- The Security Information and Event Management (SIEM)
- The Program Tool; SPLUNK
- Integration capabilities and matures levels model of the SOC
- The Security Orchestration, and Automation, and Response (SOAR)
- The SOC in EU and NATO
- The organization of SOC in the USA, the Germany, and the Croatia
- The Exercises in field of the Cyber Security in the Cyberspace
- The Examples of best practices in the SOC