Security Operation Centre, Threat Modelling and Law
This course specifically highlights the functionality of the Security Operation Centre (SOC).
From real-time monitoring to incident response, it explores the functionalities that empower
organizations to detect, analyze and respond to potential security breaches. The course also
addresses Threat Modelling, which is considered the first step into the shoes of a cybersecurity
analyst. It teaches students to anticipate and assess potential threats through
systematic methodologies, providing the ability to construct robust threat models and fostering
a proactive approach to cybersecurity.
Additionally, the course thoroughly examines the legal aspects within the digital realm,
investigating both global and regional legal frameworks that govern cybersecurity. Its objective
is to assist students in comprehending compliance requirements and grasping the potential
repercussions of non-compliance.
This course is designed to equip students with the knowledge and skills needed to understand,
implement and manage security measures within the context of a Security Operation Centre. It
also delves into the crucial aspects of threat modelling and the legal frameworks
governing cybersecurity.
COURSE OBJECTIVES
The objectives of this course are to equip the students with the ability to:
❖ Understand the basics of Security Operation Centre and Threat Modelling.
❖ Learn the importance of central point monitoring and acting on threats.
❖ Deploy the Policies for scheduling, deadlocks, memory management, synchronization,
system calls and file systems.
❖ Monitor system operations and reaction to events in response to triggers and/or
observation of trends or unusual activity.
❖ Interpret the Security Operation Centre (SOC) audit and the compliance policy.
LEARNING OUTCOME
COURSE OUTLINE
UNIT-III Security Information and Event Management (SIEM) [5hrs]
Overview of SIEM–SIEM Architecture–SIEM Features and Capabilities: Log Aggregation and
Normalization–Event Collection and Correlation–Alerting–Dashboard–Compliance Reporting–
Log Retention.
UNIT-X Legal and Regulatory Framework [6hrs]
Overview of the NICE Cybersecurity Workforce Framework–NIST Cybersecurity Framework:
NIST– Management of Information Security Incidents: ISO/IEC 27035-ISO/IEC 27035-1:2023.
READING LIST
ESSENTIAL READINGS
1. Joseph Muniz, The Modern Security Operations Centre (Pearson Education 2021).
2. John W. Rittinghouse, William M. Hancock, Cybersecurity Operations Handbook (1st ed,
Digital Press 2004).
RECOMMENDED READINGS
1. Mike O’Leary, Cyber Operations: Building, Defending, and Attacking Modern Computer
Networks (Apress 2019).
2. Benanter Messaoud, Access Control Systems: Security, Identity Management and Trust
Models (Springer 2006).