As the first line of defence against cyberattacks, SOC analysts are essential members of today’s security teams because they are able to recognise and address problems before they become serious.
The SOC Analyst training course from Coding Wizard is designed especially for prospective and practicing SOC Analysts who wish to understand how to stop, recognise, evaluate, and handle cybersecurity incidents and threats. This course, which is the first in a series that also includes Level 1-SOC Analyst and Level 2-SOC Specialist, is specifically meant to help you acquire the technical skills that are in high demand and trending so you can do a variety of complex SOC operations.
Before moving on to more sophisticated topics like digital forensics, incident response, threat intelligence, and SIEM (Security Incident and Event Management) solutions, the course starts with the fundamentals of SOC teams and Blue Team operating architecture.
In order to secure the most desirable job on the SOC team, candidates must pass the SOC Analyst certification exams, which may be planned for with the assistance of this training course.
Section 1: Course Introduction
1. Cyber Security Analyst – Intro to Course Content
Section 2: Networking Concepts
2. Introduction to organization Network
3. Introduction to organization Network
4. ISO Model – Application and Presentation Layer Basics
5. ISO Model – Session, Transport, Network and DataLink Layer Basics
6. ISO Model Recap AND Public/Private Address Range
7. Introduction to web technology
8. Understanding HTTP protocol Part 1
9. Understanding HTTP Part 2 and Understanding Service Ports Part 1
10. Understanding SMB, SMTP, Telnet, SSH, FTP, SMTP, MySql Services.
11. Introduction to Windows – Types of Wiondows OS and Permissions
12. Windows OS – Computer Management, Utilities
13. Indept on Port Numbers – Part 1
14. Indept on Port Numbers – Part 2
Section 3: Cyber Security Concepts
15. Introduction to Security CIA Encryption and Hashing
16. Defence InDeapth Approach
17. Cyber Kill chain OR Phases of Attack.mp4
18. Brute Force Attack and Types
19. Phishing and Spoofing Attacks
20. OWASP Top 10
21. DNS Tunneling Attack
22. Malware and its Types
Section 4: Understanding Splunk, SIEM and SOC Process
23. Splunk installation
24. Splunk Universal Farward Installation
25. Introduction to Splunk
26. SOC Process
27. SOC Roles and Responsabilities
28. SIEM Architecture
Section 5: Understanding Various Logs, Dashboard and Alert creations
29. Uploading Demo Logs to Splunk and firewall Log analysis
30. Understanding Firewall Logs
31. Splunk Dashboard creation – Firewall Part 1
32. Splunk Dashboard creation – Firewall Part 2
33. IDS Log Analysis
34. DNS Profiling Scenarios Part 1
35. DNS Profiling Scenarios Part 2
36. Understanding DNS Logs
37. Understanding HTTP Logs Part 1
38. Understanding HTTP Logs Part 2
39. Understanding Antivirus Logs
40. Understanding Windows Log
41. Understanding Windows Event IDs
42. Windows Sysmon Log Analysis
Section 6: Walkthrough SIEM usecases and Incident Handling Stages
43. SIEM Use cases Part 1
44. SIEM Use cases Part 2
45. SIEM Use cases Part 3
46. Malware outbreak Analysis
47. Incident Handling stages
Section 7: Introduction to threat Hunting
48. Threat Hunting – Scanning attack on Web Server
49. hreat Hunting – Brute Force Attack
50. Email Header Analysis
Section 8: Networking and Security Interview Questions
51. what are networking devices?
52. what is P address and IP address classification?
53. What is NAT and PAT?
54. Tell me few port numbers which you know?
55. How a Firewall Works?
56. How VPN works?
57. What is Symmetric and Asymmetric Encryption?
58. Explain CIA triad?
59. What is the difference in between SSL and HTTPS?
60. How do you stay up to date on Cyber Security news and latest attacks
61. What is the difference between Virus and Warm?
62. Explain SQL Injection Attack
63. What is botnet?
64. What is Brute Force Attack?
65. SIEM related interview topics
Section 9: SIEM Interview Questions and Answers
66. SIEM Dashboard and Use cases
67. What are different event logs you analyze?
Section 10: SOC Process Interview Questions and Day to Day Activities
68. What is Security Operation Center?
69. What are various Security Devices used in your orrganization?
70. How does a SOC Team manage or work in an Organization?
71. What are the Roles and Responsibilities of SOC Engineer?
72. What are the fields in Sample Incident Ticket – ServiceNow ?
73. what are Service level Agreements for the SOC Incidents?
74. What is False Positive Analysis? or what are various outcomes of Analysis?
75. How many Logs sources are there in your organization?
76. What are the steps in Incident Response Life Cycle
77. Can you please explain what you will do after getting an alert? (Alert IR FLow)
78. How will you manage work in shifts?
Section 11: SIEM Alert Analysis Interview Questions
79. How do you handle P1, P2, P3 and P4 Incidents?
80. what will you do if receive a Malware Attack Alert?
81. How do you analyze if receive a Brute Force Attack Alert?
82. How do you analyze Phishing email attack?
83. How do you Analyze SQL Injection attack?
84. How do you analyze DDOS Attack?
85. How do you analyze if a suspicious IP detected in outbound traffic?
Section 12: Discussion on Real Time Activities
86. Discussion on Real Time Activities
Section 13: Course wrapup
87. Course Wrapup
50-60 hours (2-3 months)
Batch 1:- Personal Classes
Batch 2:- Group Classes
For more Contact Us
WhatsApp us