Security Operations
Build foundational skills in SOC operations, focusing on threat identification and mitigation.

Comprehensive understanding of SOCs in modern cybersecurity environments

This module aims to provide participants with a comprehensive understanding of Security Operations Centers (SOCs), their functions, tools, and technologies; network and endpoint security strategies; and incident detection, investigation, and response techniques.

Module Information

The module emphasizes the integration of threat intelligence, automation, and best practices in managing security events, while also covering advanced topics such as threat hunting, malware analysis, and legal and ethical considerations, enabling learners to effectively monitor, analyze, and mitigate cyber threats within a modern security environment.

Key Details

This module is delivered in hybrid format, as a combination of online, in-person and self-learning activities. The module uses innovative hybrid learning methods that combine live (synchronous) and self-paced (asynchronous) activities, with particular focus on practical activities and real-world scenarios connected to cybersecurity. Expert tutors guide students through the material, ensuring a comprehensive learning experience.

This module aims to provide participants with a comprehensive understanding of Security Operations Centers (SOCs). Toward this goal, the module employs periodic quizzes, in-class practical work and assignments.

Time commitment:

  • Online activities: 14 hours
  • In-person activities: 14 hours
  • Self-learning: 28 hours
  • Individual, team and guided projects and activities: 94 hours
  • Total: 150 hours

Credit points: 6 ECTS

Grading:

  • Lecture quizzes: 10%
  • Assignments: 30%
  • Lab Work: 20%
  • Exam: 40% (quiz, practical exam)

Subjects covered

Network Infrastructure and Security Monitoring Tools

Data Categories and Analysis

Fundamentals of Cryptography

Endpoint Security Technologies

Incident Analysis in a Threat-Centric SOC

Cyber Threat Hunting and Intelligence Gathering

Event Correlation and Normalization

SOC Workflow and Automation

Incident Response and Management

Introduction to VERIS (Vocabulary for Event Recording and Incident Sharing)

Operating System Fundamentals: Windows and Linux

Advanced Topics in Cybersecurity


Learning objectives

Develop scripts and configurations for managing and monitoring firewalls, IPS, EDR, and other SOC technologies to identify and prevent threats.

Apply techniques for collecting, categorizing, and analyzing security data for incident investigation and response.

Design and automate SOC workflows to improve processes and increase the speed of incident handling.

Use event correlation and normalization tools to detect suspicious activities and complex cyberattacks.

Perform advanced malware analysis, reverse engineering, and threat hunting to identify and counteract new attack vectors.


Module leaders

Radu-Ioan Ciobanu is a professor and researcher in the Computer Science department of the Faculty of Automatic Control and Computers at the National University of Science and Technology POLITEHNICA Bucharest. He obtained his PhD from the same faculty in 2016. His research interests include pervasive and mobile networks, DTNs, opportunistic networks, cloud computing, and federated learning. His research has led to the publication of numerous papers and articles in important scientific journals (such as Pervasive and Mobile Computing, Journal of Network and Computer Applications, Transactions on Emerging Telecommunications Technologies, Ad Hoc Networks) and at conferences (IEEE GLOBECOM, ICC, IM, WoWMoM, PerCom, etc.). He is involved in several national and international research projects, both as a member and as a coordinator. He also co-coordinates MobyLab, the Pervasive Systems Laboratory at POLITEHNICA Bucharest.


Making Europe cyber-aware

Our digital world is under constant attack. Master the advanced skills to defend critical data and infrastructure. Become a sought-after expert in one of today’s most vital and in-demand career fields.


Applications not currently open
Hybrid Course Pathway
Application deadline: To be confirmed
Course starts: To be confirmed
Course duration: 2 years, 4 semesters, part-time
Course delivery: Hybrid program
Certification: ARACIS (Romania)-accredited master's degree (120 ECTS)
Language: English