logo-img

Enroll now and get 10% off any course.

Course Details

SOC Analyst

(254 reviews)
course-meta
Created by
Admin

Total Enrolled

50,000+

Last Update

01 January 2023

Duration

45 Days

Description

The Cloud247’s SOC Analyst training course is specifically created for aspiring and current SOC Analysts who want to learn how to prevent, identify, assess, and respond to cybersecurity threats and incidents. The course is the first level of a course series that includes Level 1-SOC Analyst and Level 2-SOC Specialist, and is specifically designed to assist you in mastering over trending and in-demand technical abilities to carry out numerous sophisticated SOC activities.

What you'll learn

  • Fundamentals of Java Programming
  • Advanced Java Programming
  • Java Database Connectivity (JDBC)
  • Build Tool - Maven
  • Web Development using Servlets and JSPs
  • Object Relational Mapping using Hibernate

Requirements

  • • Networking fundamentals
  • • OS basics & Troubleshooting is recommended
  • • Basics of Information Security

Curriculum

  • 45 lectures • 45 days total length

Why do we need Security?

CIA Triad

Concept of AAA

Hacking Concepts

Types of Hackers

Domains of Security

Ethical Hacking Phases

Types of Attacks

Network Fundamentals

NOC vs SOC

The OSI Model

Network Devices

Network Tools – Firewall, IDS, IPS, VPN, Switches, Routers

Ports and Services

Conducting a Port Scan with Nmap [Practical]

Linux Operating System Fundamentals [Practical]

Linux Directory Services

Most useful Linux Commands in SOC

Events Logs in Linux

Linux System Services

Why do we need SOC?

What is SOC?

Functions of SOC

SOC Models & Types

SOC Teams & Roles

Incidents vs Events

True vs False Incident Categories

Concept of Logging

Local Logging vs Centralized Logging

Log Management & Log Analysis

Log Management needs

Concept of Log Analysis

Web Server Logs

Firewall Logs

SSH Logs

Windows Event Logs

Using Regex for Log Analysis [Practical]

SOC Workflow: ITSM Workflow

ITSM Tools: Service Now, JIRA, BMC, Request Tracker, etc.

Why do we need SIEM?

What is SIEM?

Security Information Management (SIM)

Security Event Management (SEM)

SIEM guidelines and architecture

SIEM Capabilities: Aggregation, Correlation, Reporting, Storage, Alerts, etc.

Using Splunk [Practical]

Section Introduction

Installing Splunk

UI Navigation

Search Queries using SPL

Creating Alerts & Dashboard

What is Threat?

Why do we need Intelligence?

Introduction to Threat Intelligence

Threats, Threat Actors, APTs & Global Campaigns

Network Level Threats

Web App Level Threats

Host Level Threats

IOCs vs IOA vs Precursors

Traffic Light Protocol (TLP)

Pyramid of Pain [Practical]

Collecting Threat Intelligence [Practical]

Paid vs Open-Source Intelligence Gathering

Types of Threat Intelligence

Strategic Threat Intelligence

Operational Threat Intelligence

Tactical Threat Intelligence

Technical Threat Intelligence

Enhanced Detection with Threat Intelligence

Maltego, MISP, STIX, TAXII, etc. [Practical]

Forensics Fundamentals

File Systems

Hard Disk Drive Basics

Forensics Process [Practical]

Digital Evidence and Handling

Order of Volatility

Chain of Custody

Hashing & Integrity

Email Forensics

How Electronic Mail Works

Anatomy of an Email

What is Phishing?

Types of Phishing

Spear Phishing

Whaling

Impersonation

Typosquatting and Homographs

Sender Spoofing

URL Shortening

Business Email Compromise

Analysing Phishing Emails [Practical]

Analysing Artifacts

Business Email Compromise

Red Flags of Phishing Emails

URL Reputation

File Reputation

SPF

DKIM

DMARC

Manual & Automated Analysis

Incident Response

Introduction to Incident Response

What is an Incident Response?

Why is IR Needed?

Incident Response Lifecycle – NIST SP 800 61r2

Incident Response Plan: Preparation, Detection & Analysis, Containment, Eradication, Recovery, Lessons Learned

Incident Response and Security Operations Integration

Case Study: Cyber Kill Chain in Incident Response

Lockheed Martin Cyber Kill Chain

What is it, why is it used ?

Case Study: Monero Crypto-Mining

MITRE ATT&CK Framework [Practical]

What is it, why is it used ?

Matrices in Mitre

Mapping Data with Mitre

Case Study 1: APT3

Case Study 2: OilRig

Student Feedback

4.7

5785 Rating
98%
78%
55%
60%
10%
image not found
  • Level
    Intermediate
  • Lectures
    45 Lectures
  • Duration
    +45 Days
  • Laguage
    English
  • Access
    Full Lifetime
  • Certificate
    Yes
  • Recourse
    5 Downloadable Files