Best Training Institute Hyderabad, India, Online & Classroom

Course Details

SOC Analyst

(254 reviews)

Created by

Admin

Total Enrolled

50,000+

Last Update

01 January 2023

Duration

45 Days

Description

The Cloud247’s SOC Analyst training course is specifically created for aspiring and current SOC Analysts who want to learn how to prevent, identify, assess, and respond to cybersecurity threats and incidents. The course is the first level of a course series that includes Level 1-SOC Analyst and Level 2-SOC Specialist, and is specifically designed to assist you in mastering over trending and in-demand technical abilities to carry out numerous sophisticated SOC activities.

What you'll learn

Fundamentals of Java Programming
Advanced Java Programming
Java Database Connectivity (JDBC)

Build Tool - Maven
Web Development using Servlets and JSPs
Object Relational Mapping using Hibernate

Requirements

• Networking fundamentals
• OS basics & Troubleshooting is recommended
• Basics of Information Security

Curriculum

45 lectures • 45 days total length

Domain 1 : Security Terminologies, OS Basics & Network Fundamentals

Why do we need Security?

CIA Triad

Concept of AAA

Hacking Concepts

Types of Hackers

Domains of Security

Ethical Hacking Phases

Types of Attacks

Network Fundamentals

NOC vs SOC

The OSI Model

Network Devices

Network Tools – Firewall, IDS, IPS, VPN, Switches, Routers

Ports and Services

Conducting a Port Scan with Nmap [Practical]

Linux Operating System Fundamentals [Practical]

Linux Directory Services

Most useful Linux Commands in SOC

Events Logs in Linux

Linux System Services

Domain 2: Blue Team Operations Architecture

Why do we need SOC?

What is SOC?

Functions of SOC

SOC Models & Types

SOC Teams & Roles

Incidents vs Events

True vs False Incident Categories

Concept of Logging

Local Logging vs Centralized Logging

Log Management & Log Analysis

Log Management needs

Concept of Log Analysis

Web Server Logs

Firewall Logs

SSH Logs

Windows Event Logs

Using Regex for Log Analysis [Practical]

SOC Workflow: ITSM Workflow

ITSM Tools: Service Now, JIRA, BMC, Request Tracker, etc.

Why do we need SIEM?

What is SIEM?

Security Information Management (SIM)

Security Event Management (SEM)

SIEM guidelines and architecture

SIEM Capabilities: Aggregation, Correlation, Reporting, Storage, Alerts, etc.

Using Splunk [Practical]

Section Introduction

Installing Splunk

UI Navigation

Search Queries using SPL

Creating Alerts & Dashboard

What is Threat?

Why do we need Intelligence?

Introduction to Threat Intelligence

Threats, Threat Actors, APTs & Global Campaigns

Network Level Threats

Web App Level Threats

Host Level Threats

IOCs vs IOA vs Precursors

Traffic Light Protocol (TLP)

Pyramid of Pain [Practical]

Collecting Threat Intelligence [Practical]

Paid vs Open-Source Intelligence Gathering

Types of Threat Intelligence

Strategic Threat Intelligence

Operational Threat Intelligence

Tactical Threat Intelligence

Technical Threat Intelligence

Enhanced Detection with Threat Intelligence

Maltego, MISP, STIX, TAXII, etc. [Practical]

Domain 5: Basics of Incident Response & Forensics

Forensics Fundamentals

File Systems

Hard Disk Drive Basics

Forensics Process [Practical]

Digital Evidence and Handling

Order of Volatility

Chain of Custody

Hashing & Integrity

Email Forensics

How Electronic Mail Works

Anatomy of an Email

What is Phishing?

Types of Phishing

Spear Phishing

Whaling

Impersonation

Typosquatting and Homographs

Sender Spoofing

URL Shortening

Business Email Compromise

Analysing Phishing Emails [Practical]

Analysing Artifacts