Certified SOC Analyst




Length: 5.0 days (40 hours)


Course objectives

After completing this course, students will be able to:

    • Understand the fundamental concepts of SOC operations
    • Learn how to analyze security events and incidents
    • Utilize SIEM tools to detect and respond to threats
    • Apply threat intelligence to improve security posture
    • Develop incident response plans and procedures
    • Enhance skills in digital forensics and malware analysis

Course outline

  • Module 1: Security Operations and Management
    • Introduction to SOC
    • SOC roles and responsibilities
    • Security operations lifecycle
    • Key performance indicators (KPIs) and metrics
  • Module 2: Understanding Cyber Threats, IoCs, and Attack Methodology
    • Types of cyber threats and attacks
    • Threat actors and their motivations
    • Indicators of compromise (IoCs)
    • Cyber kill chain
  • Module 3: Incidents, Events, and Logging
    • Incident classification and categorization
    • Event logging and correlation
    • Log management and analysis tools
    • Security information and event management (SIEM)
  • Module 4: Incident Detection with SIEM
    • SIEM architecture and components
    • SIEM use cases and best practices
    • Alerting and notification systems
    • Correlation rules and anomaly detection
  • Module 5: Enhanced Incident Detection with Threat Intelligence
    • Threat intelligence sources and feeds
    • Integrating threat intelligence into SIEM
    • Threat hunting techniques
    • Advanced threat detection
  • Module 6: Incident Response
    • Incident response planning and procedures
    • Incident triage and escalation
    • Containment and eradication techniques
    • Root cause analysis
    • Post-incident activities and lessons learned