Coursera

Security Operations Center (SOC) (Coursera)

Offered by Cisco Learning and Certifications,
Security Operations Center (SOC) (Coursera)

If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you acquire the fundamental skills required in a security operations center. You will learn the primary functions of a security operations center (SOC) and the critical role it plays in protecting organizational assets from cyber-attacks.

Class Deals by MOOC List - Click here and see Coursera's Active Discounts, Deals, and Promo Codes.

Course 1 of 7 in the Cybersecurity Operations Fundamentals Specialization.
By the end of the course, you will be able to:
• Gain an understanding of SOC team member’s daily activities and responsibilities.
• Identify who these bad actors are, their motives, why they attack, and what they attack.
• Review the goals of implementing a SOC and covers the business benefits that an organization achieves by employing a SOC.
• Introduce technical and procedural challenges in a SOC.
To be successful in this course, you should have the following background:

  1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course
  2. Familiarity with Ethernet and TCP/IP networking
  3. Working knowledge of the Windows and Linux operating systems
  4. Familiarity with basics of networking security concepts.

Syllabus

WEEK 1
Introduction to Security Operations Center
If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you acquire the fundamental skills required in a security operations center. You will learn the primary functions of a security operations center (SOC) and the critical role it plays in protecting organizational assets from cyber-attacks. By the end of the course, you will be able to:
• Gain an understanding of SOC team member’s daily activities and responsibilities. • Identify who these bad actors are, their motives, why they attack, and what they attack. • Review the goals of implementing a SOC and covers the business benefits that an organization achieves by employing a SOC. • Introduce technical and procedural challenges in a SOC. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.

WEEK 2
Security Operations Center Processes and Services
If you are an associate-level cybersecurity analyst who is working in security operation centers, this lesson evaluates SOC processes and services. By the end of the course, you will be able to: • Understand primary responsibilities of a SOC and its interactions with other departments within the organization.• Understand various services that a SOC provides throughout the incident response phases. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.

WEEK 3
SOC Deployment Models and Types
If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you understand SOC types, staffing considerations, and deployment models and their consumers. By the end of the course, you will be able to:
• Describe various SOC types and staffing considerations. • Describe SOC deployment models and their corresponding consumer profiles. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.

WEEK 4
Staffing an Effective SOC Team
If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you to understand about staff that work in SOC and their personnel roles and titles. Describe the necessary skills to work in a SOC. By the end of the course, you will be able to: • Describe the role of each SOC member in general and in the context of incidence response. Describe the skill set of each SOC member and their toolkit components. • Describe the interactions of SOC members with each other and external entities in the context of incidence response. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.

WEEK 5
Security Events Data and SOC Analyst Tools
If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you understand the data collection and data analytics activities performed in a SOC. Identify tools for performing data collection and analysis activities and how they complement each other.
By the end of the course, you will be able to: • Describe SOC relevant data and security event data. • Describe SOC tools and their features. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.

WEEK 6
Developing Key Relationships with Internal and External Stakeholders
If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you understand the importance of using effective tools and developing a good relationship with external organizations. Describe the most important tools and software the SOC team uses to achieve this goal. By the end of the course, you will be able to: • Describe intelligence resources, regulatory agencies, and government industry organizations with which the SOC communicates. • Describe the policies, procedures, and governance rules to integrate with SOC procedures that define how it engages with users, HR, and legal in response to detected violations of procedures. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.

WEEK 7
Understanding SOC Metrics
If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you explain the use of SOC metrics to measure the effectiveness of the SOC. By the end of the course, you will be able to: • Explain security data aggregation. • Explain Time to Detection (TTD) in context to network security. • Describe security controls detection effectiveness. • Describe SOC metrics. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.

WEEK 8
Understanding SOC Workflow and Automation
If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you understand the use of a workflow management system and automation to improve the effectiveness of the SOC. By the end of the course, you will be able to: • Describe SOC WMS concepts. • Describe how a typical workflow management system is integrated within a SOC.• Describe SOC WMS integration. • Provide an example of SOC workflow automation. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.

Go to Class
MOOC List is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Related Courses

NIST 800-171 (Coursera) Coursera
Infosec

NIST 800-171 (Coursera)

Security & Networking

NIST SP 800-171 is a cybersecurity framework of 110 controls in 14 families published by the National Institute of Standards and Technology (NIST). This learning path will teach you how to comply with the requirements of NIST 800-171. You will understand what CUI is and how to identify it; what a nonfederal information systems is; how to understand each of the 110 requirements in the framework and satisfy each of them if necessary; how to create a Body of Evidence (BOE) including Organizational Policy or Procedures; a System Security Plan (SSP) and Plans of Action and Milestones (POAM).

Jun 22nd 2026
5-12 Weeks
Cybersecurity Coursera Plus Cybersecurity Risk Management Framework Specialization
Details
Cloud Security Basics (Coursera) Coursera
University of Minnesota

Cloud Security Basics (Coursera)

CS: Information & Technology

This course introduces you to cybersecurity for the cloud. We'll learn and apply classic security techniques to today’s cloud security problems. We start with a deceptively simple and secure web service and address the problems arising as we improve it. We’ll analyze recent cloud security vulnerabilities using standard, systematic techniques. We’ll build our own web service case studies and construct security solutions for them.

Jun 22nd 2026
4 Weeks
Cryptography Security Cloud Computing
Details
Cybersecurity Compliance Framework & System Administration (Coursera) Coursera
IBM

Cybersecurity Compliance Framework & System Administration (Coursera)

Security & Networking

This course gives you the background needed to understand the key cybersecurity compliance and industry standards. This knowledge will be important for you to learn no matter what cybersecurity role you would like to acquire or have within an organization. You will learn the basic commands for user and server administration as it relates to security. You will need this skill to be able to understand vulnerabilities within your organizations operating systems.

Jun 22nd 2026
4 Weeks
Cryptography Security Encryption
Details
Network Defense Essentials (NDE) (Coursera) Coursera
EC-Council

Network Defense Essentials (NDE) (Coursera)

Security & Networking

Network Defense Essentials covers the fundamental concepts of information security and network defense. This introductory cybersecurity course is designed for today's entry-level information security or cybersecurity careers and is ideal for learners aspiring to pursue a career in cybersecurity. The course gives a holistic overview of the key components of Information Security such as Identification, Authentication and Authorization, Virtualization and Cloud Computing, Wireless Networks, Mobile and IoT Devices, and Data Security.

Jun 22nd 2026
5-12 Weeks
Cryptography Cloud Computing Information Security
Details
Introduction to Cyber Attacks (Coursera) Coursera
New York University

Introduction to Cyber Attacks (Coursera)

Security & Networking

This course provides learners with a baseline understanding of common cyber security threats, vulnerabilities, and risks. An overview of how basic cyber attacks are constructed and applied to real systems is also included. Examples include simple Unix kernel hacks, Internet worms, and Trojan horses in software utilities. Network attacks such as distributed denial of service (DDOS) and botnet- attacks are also described and illustrated using real examples from the past couple of decades.

Jun 22nd 2026
4 Weeks
Risk Analysis Risk Assessment Information Security
Details
Seguridad en la red (Coursera) Coursera
Universidad de los Andes

Seguridad en la red (Coursera)

Security & Networking

Las organizaciones cada vez tienen procesos más complejos, los cuales son soportados en su mayoría a través de las tecnologías de la información y las comunicaciones (TIC). Debido a la alta dependencia de las TIC, cada vez se presentan más ataques informáticos poniendo en riesgo a las organizaciones. Por estas razones cada vez es más necesario que las personas desarrollen habilidades y conocimientos en seguridad de la información.

Jun 22nd 2026
4 Weeks
Security Cybersecurity Network Security
Details
Cyber Threats and Attack Vectors (Coursera) Coursera
University of Colorado System

Cyber Threats and Attack Vectors (Coursera)

Security & Networking

Data breaches occur nearly every day. From very large retailers, down to your fantasy football website, and anywhere in between, they have been compromised in some way. How did the attackers get in? What did they do with the data they compromised? What should I be concerned with in my own business or my systems? This course is the second course in the Practical Computer Security. It will discuss types of threats and attack vectors commonly seen in today’s environment.

Jun 22nd 2026
5-12 Weeks
Security Cybersecurity Cyber Attacks
Details
Introduction to Cybersecurity for Business (Coursera) Coursera
University of Colorado System

Introduction to Cybersecurity for Business (Coursera)

Security & Networking

The world runs computers. From small to large businesses, from the CEO down to level 1 support staff, everyone uses computers. This course is designed to give you a practical perspective on computer security. This course approaches computer security in a way that anyone can understand. Ever wonder how your bank website is secure when you connect to it? Wonder how other business owners secure their network? Wonder how large data breaches happen? This is practical computer security. It will help you answer the question – what should I focus on?

Jun 22nd 2026
5-12 Weeks
Security Risk Assessment Information Security
Details
Cybersecurity for Data Science (Coursera) Coursera
University of Colorado Boulder

Cybersecurity for Data Science (Coursera)

Security & Networking

This course aims to help anyone interested in data science understand the cybersecurity risks and the tools/techniques that can be used to mitigate those risks. We will cover the distinctions between confidentiality, integrity, and availability, introduce learners to relevant cybersecurity tools and techniques including cryptographic tools, software resources, and policies that will be essential to data science. We will explore key tools and techniques for authentication and access control so producers, curators, and users of data can help ensure the security and privacy of the data.

Jun 22nd 2026
5-12 Weeks
Cryptography Cybersecurity Data Science
Details
Network Security (Coursera) Coursera
(ISC)²

Network Security (Coursera)

Security & Networking

Welcome to course 4 of 5 of this Specialization, Network Security. In this course, we will look at computer networking and securing the network. In today’s world, the internet connects nearly everyone and everything, and this is accomplished through networking. While most see computer networking as a positive, criminals routinely use the internet, and the networking protocols themselves, as weapons and tools to exploit vulnerabilities and for this reason we must do our best to secure the network. We will review the basic components of a network, threats and attacks to the network, and learn how to protect them from attackers.

Jun 22nd 2026
5-12 Weeks
Security Network Security Cyber Attacks
Details
Enterprise and Infrastructure Security (Coursera) Coursera
New York University

Enterprise and Infrastructure Security (Coursera)

Security & Networking

This course introduces a series of advanced and current topics in cyber security, many of which are especially relevant in modern enterprise and infrastructure settings. The basics of enterprise compliance frameworks are provided with introduction to NIST and PCI. Hybrid cloud architectures are shown to provide an opportunity to fix many of the security weaknesses in modern perimeter local area networks.

Jun 22nd 2026
4 Weeks
Security Enterprise Cybersecurity
Details
Introduction to Cybersecurity Essentials (Coursera) Coursera
IBM

Introduction to Cybersecurity Essentials (Coursera)

Security & Networking

Build key skills needed to recognize common security threats and risks. Discover the characteristics of cyber-attacks and learn how organizations employ best practices to guard against them. Designed specifically for beginners and those who are interested in a Cyber Analyst I or an entry-level Cloud & Security Engineer role, this course dives into the world of cybersecurity to give you the critical skills employers need. This course also supports the needs of technical support roles, who can find themselves on the front lines of defense for cybersecurity issues and is part of the IBM Technical Support Professional Certificate.

Jun 22nd 2026
4 Weeks
Cryptography Security Information Security
Details