SOC-CMM Lead Auditor
Get ready to prepare for and perform SOC-CMM certification audits
SOC-CMM Lead Auditor is a comprehensive 1-day training, delivered in 2 parts, that provides a deep dive into the SOC-CMM certification process and scheme. In this course, you will learn about security operations centers, the SOC-CMM model, SOC-CMM assessments and the relationship to SOC certification. You will also go in-depth on the SOC-CMM certification process and the SOC-CMM certification scheme and will learn how to apply these to perform audit activities for security operations centers.
Using the knowledge gained in this course, you will be able to prepare for a successful certification audit and make a smooth transition from using the SOC-CMM for self-assessment purposes to getting the SOC officially certified.
Rob van Os
Author & Trainer
Security Consultant
Creator SOC Maturity Model
At a Glance
Advanced level
SOC-CMM Lead Auditor
Target audience: SOC-CMM support partners, internal auditors, SOC consultants, SOC managers, SOC employees involved in maturity assessments and improvement follow-up
Learn about SOCs and security operations, alongside the background of the SOC-CMM model and its application for assessing the maturity of SOCs
Understand how to use the SOC-CMM for purposes of certification, and the activities required for preparing and performing the audit.
Understand the SOC-CMM maturity and capability levels
Understand relevant concepts in security operations
Understand the certification process and cycle
Successfully pass the exam and receive an official certification and badge, alongside the right to use the designation SOC-LA: SOC-CMM Lead Auditor
What’s included
- Official course materials
- Training from the author of the SOC-CMM framework
- Access to the SECO member portal
- Practice exam
- Exam voucher
- Membership to SECO’s Alumni Network after passing the exam
- The e-book: assessing Security Operations Centers using the SOC-CMM
Syllabus
Full list of topics
SOC background
- Security Operations
- SOC models and types
- Hybrid SOCs
- SOCs vs CSIRTs
SOC-CMM background
- SOC-CMM goals and principles
- SOC-CMM versioning
- SOC-CMM model
- Capability & maturity levels
- SOC-CMM for CERT
- SOC-CMM limitations
Core SOC concepts
- SOC Roles
- Tiering
- SOC operations
- Exercises
- Physical facilities
- Shifts
- Use cases & detection engineering
- Data sources & visibility
- Attack chains
- SOC technologies
- SOC processes
- SOC services
- Hunting, TTPs and pyramid of pain
- Threat intelligence, IoCs, IoAs
SOC assessment
- Usage of the tool
- Assessment results
- NIST CSF alignment
SOC-CMM certification
- Certification levels
- Certification model
- Audit scope
- Audit process and cycle
Certification preparation
- Preparation activities
- Engaging 3rd parties
- Formalising documentation
- Audit planning
Certification auditing
- Usage of the tool
- Documentation audit
- Business domain audit
- People domain audit
- Process domain audit
- Technology domain audit
- Service domain audit
Non-conformities, reporting & finalising
- Non-conformities
- Reporting
- Finalising and registration
Collect your badge of honor
The SOC-CMM Lead Auditor training includes an exam voucher. Students who successfully pass the exam receive an official certification and badge and can use the designation SOC-LA: SOC-CMM Lead Auditor.
- Exam format: 5 open questions (8 points per question), 1 case study (30 points), 10 multiple choice questions (3 points per question)
- Pass rate: 60%
- Duration: 120 minutes