CYB605
Security Operations, Monitoring & Incident Response
Course Description
Security operations center design, detection, and structured incident response.
Learning Objectives
Upon successful completion of this course, students will be able to:
- Design SOC operational workflows
- Apply incident response frameworks
- Communicate response findings professionally
Course Schedule
| Week | Topic |
|---|---|
| 1-2 | SOC Architecture and Monitoring |
| 3-4 | Detection and SIEM Concepts |
| 5-6 | Incident Response Lifecycle |
| 7-8 | Forensic Readiness |
| 9-10 | Tabletop Exercises |
| 11-12 | Incident Response Capstone Exercise |
Assessment & Grading
| Assessment | Weight |
|---|---|
| Lab Exercises | 30% |
| Incident Response Plan | 30% |
| Final Exercise | 30% |
| Participation | 10% |
Required Textbooks
- NIST SP 800-61 and curated operational readings