SOC Analyst Training (L1 & L2)

The SOC Analyst program is the first step to joining a security operations center (SOC). It is engineered for current and aspiring Tier I and Tier II SOC analysts to achieve proficiency in performing entry-level and intermediate-level operations.

Rating: 4.5/5 (961+ learners)

#1 Top-selling SOC Analyst course

Gopi Pakanati

CEI, CSA, OSCP, OSCE, ECSA, CEH

Gopi has 11+ years of experience as a SIEM manager at global corporates. He has delivered more than 120 conference talks and trained 1000+ industrial SIEM experts since 2014.

  • 961+ Certified Learners
  • 126+ Topics
  • 28 Lab Sessions
  • 7 Modules
  • #1 Top Selling Course

Overview


CSA is a training and credentialing program that helps the candidate acquire trending, in-demand technical skills through instruction by some of the most experienced trainers in the industry. The program focuses on creating new career opportunities through extensive, meticulous knowledge and enhanced capabilities for dynamically contributing to a SOC team. It thoroughly covers the fundamentals of SOC operations before moving on to log management and correlation, SIEM deployment, advanced incident detection, and incident response. Additionally, the candidate will learn to manage various SOC processes and collaborate with the CSIRT at the time of need.


Course Content:

Lesson: 1 – TCP/IP Model
Lesson: 2 – Types of Networks (LAN, WAN, MAN, WLAN)
Lesson: 3 – Application Layer Protocols (DNS, DNS packet analysis, DNSSEC, how DNS works, FTP, HTTP, SFTP, SMTP, SSH)
Lesson: 4 – Transport Layer Protocols (TCP, UDP, SSL, TLS)
Lesson: 5 – Internet Layer (IP, IPv4 vs IPv6, IPsec, ARP, IGRP (optional))
Lesson: 6 – Link Layer Protocols (WEP, WPA, WPA2, CDP (Cisco), LEAP/PEAP)
Lesson: 7 – Network Security Devices (Firewalls: hardware and software firewalls, types, policies; IDS and types of IDS; VPN; Proxy Server)

Video: 48 min + 2 min read to complete

Lesson: 1 – Security Management
Lesson: 2 – Capabilities of a SOC
Lesson: 3 – Typical Functions of SOC Operations
Lesson: 4 – SOC Workflow
Lesson: 5 – Components of a SOC
Lesson: 6 – Types of SOC Models
Lesson: 7 – SOC vs NOC
Lesson: 8 – Security Operations
Lesson: 9 – Need for a SOC

Video: 48 min + 2 min read to complete

Lesson: 1 – Cyber Threats
Lesson: 2 – Intent, Motive, Goal
Lesson: 3 – Tactics, Techniques, Procedures
Lesson: 4 – Opportunity, Vulnerability, Weakness
Lesson: 5 – Network, Host, and Application Level Attacks
Lesson: 6 – Cyber Threat IoCs
Lesson: 7 – Hacking Methodologies

Video: 48 min + 2 min read to complete

Lesson: 1 – Log, Event, and Incident
Lesson: 2 – Typical Log Sources
Lesson: 3 – Need for Logging
Lesson: 4 – Logging Requirements
Lesson: 5 – Typical Log Formats
Lesson: 6 – Local Logging
Lesson: 7 – Centralized Logging Challenges

Video: 48 min + 2 min read to complete

Lesson: 1 – Security Information and Event Management (SIEM)
Lesson: 2 – Need for SIEM
Lesson: 3 – Typical SIEM Capabilities
Lesson: 4 – SIEM Architecture and its Components
Lesson: 5 – SIEM Solutions
Lesson: 6 – SIEM Deployment (Parts 1 and 2)
Lesson: 7 – Incident Detection with SIEM and Use Case Examples for Application Level Incident Detection
Lesson: 8 – Use Case Examples for Insider Incident Detection
Lesson: 9 – Use Case Examples for Network Level Incident Detection
Lesson: 10 – Use Case Examples for Host Level Incident Detection
Lesson: 11 – Handling Alert Triage and Analysis

Video: 48 min + 2 min read to complete

Lesson 1 – Cyber Threat Intelligence (CTI)
Lesson 2 – Types of Threat Intelligence
Lesson 3 – Threat Intelligence-driven SOC
Lesson 4 – Benefits of Threat Intelligence to the SOC Analyst
Lesson 5 – Threat Intelligence Use Cases for SOC Analyst
Lesson 6 – Integration of Threat Intelligence into SIEM
Lesson 7 – Threat Intelligence Use Cases for Enhanced Incident Response
Lesson 8 – Enhancing Incident Response by Establishing SOPs for Threat Intelligence

Video: 48 min + 2 min read to complete

Lesson: 1 – Incident Response
Lesson: 2 – SOC and IRT Collaboration
Lesson: 3 – Incident Response (IR) Process Overview
Lesson: 4 – Responding to Network Security Incidents
Lesson: 5 – Responding to Application Security Incidents
Lesson: 6 – Responding to Email Security Incidents
Lesson: 7 – Responding to Insider Incidents
Lesson: 8 – Responding to Malware Incidents

Video: 48 min + 2 min read to complete

Lab Topics:

Lab 1: Sign up for iLab and set up the necessary tools and options

Lab 2: Overview of iLab and enterprise tools installation

Video: 48 min + 2 min read to complete

  • Lab 1: Application Level Threats: Understanding the Working of SQL Injection Attacks – Tasks: 9
  • Lab 2: Application Level Threats: Understanding the Working of XSS Attacks – Tasks: 10
  • Lab 3: Network Level Threats: Understanding the Working of Network Scanning Attacks – Tasks: 14
  • Lab 4: Host Level Threats: Understanding the Working of Brute Force Attacks – Tasks: 8
  • Lab 5: Detecting and Analyzing IoCs using Wireshark – Tasks: 45

Total duration: 1 hour, 40 minutes

  • Lab 1: Local Logging: Configuring, Monitoring, and Analyzing Windows Logs – Tasks: 18
  • Lab 2: Local Logging: Configuring, Monitoring, and Analyzing IIS Logs – Tasks: 32
  • Lab 3: Local Logging: Configuring, Monitoring, and Analyzing Snort IDS Logs – Tasks: 63
  • Lab 4: Centralized Logging: Collecting Logs from Different Devices into a Centralized Location Using Splunk – Tasks: 126

Total duration: 2 hours, 55 minutes

  • Lab 1: Host Level Incident Detection: Creating a Splunk Use Case for Detecting and Alerting on Brute-Force Attempts – Tasks: 26
  • Lab 2: Application Level Incident Detection: Creating a Splunk Use Case for Detecting and Alerting on SQL Injection Attempts – Tasks: 36
  • Lab 3: Application Level Incident Detection: Creating a Splunk Use Case for Detecting and Alerting on XSS Attempts – Tasks: 31
  • Lab 4: Network Level Incident Detection: Creating a Splunk Use Case for Detecting and Alerting on Network Scanning Attempts – Tasks: 60
  • Lab 5: Network Level Incident Detection: Creating a Splunk Use Case for Monitoring Insecure Ports and Services – Tasks: 33
  • Lab 6-1: Host Level Incident Detection: Creating an ELK Use Case for Monitoring Trusted Binaries Connecting to the Internet – Tasks: 53
  • Lab 6-2: Host Level Incident Detection: Creating an ELK Use Case for Monitoring Credential Dumping using Mimikatz – Tasks: 16
  • Lab 6-3: Host Level Incident Detection: Creating an ELK Use Case for Monitoring Malware Activity in the System – Tasks: 15

Total duration: 3 hours, 24 minutes
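An added example, not part of the course labs or the vendor's material: the brute-force use case from Lab 1 above, written as detection logic you can run locally. A SIEM correlation rule for brute force is typically "N or more failed logons from one source within a T-minute window", and a successful logon from the same source after the failures escalates the alert. The script applies that rule to constructed Windows Security log lines. The event IDs are real (4625 = failed logon, 4624 = successful logon); the line format, IP addresses, usernames and the SPL sketch in the docstring are illustrative assumptions, not taken from the course.

```python
"""
Brute-force detection use case (added example).

Rule: alert when one source produces `threshold` or more failed logons
(event 4625) inside a sliding window, and escalate when a successful
logon (event 4624) from that source follows.

Illustrative Splunk SPL for the same idea (not from the course):
  index=wineventlog EventCode=4625
  | bin _time span=5m
  | stats count AS failures, dc(user) AS users BY _time, src_ip
  | where failures >= 5
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta
import re

# Constructed sample in a simplified "<ISO timestamp> <EventID> src=<ip> user=<name>"
# layout. 203.0.113.7 is a fast spray; 198.51.100.9 is a low-and-slow attempt.
SAMPLE_LOGS = """\
2024-03-01T10:00:01 4625 src=203.0.113.7 user=admin
2024-03-01T10:00:03 4625 src=203.0.113.7 user=administrator
2024-03-01T10:00:05 4625 src=203.0.113.7 user=root
2024-03-01T10:00:06 4625 src=198.51.100.9 user=jsmith
2024-03-01T10:00:08 4625 src=203.0.113.7 user=svc_backup
2024-03-01T10:00:10 4625 src=203.0.113.7 user=admin
2024-03-01T10:00:12 4624 src=203.0.113.7 user=admin
2024-03-01T10:20:00 4625 src=198.51.100.9 user=jsmith
2024-03-01T10:40:00 4625 src=198.51.100.9 user=jsmith
2024-03-01T11:00:00 4625 src=198.51.100.9 user=jsmith
2024-03-01T11:20:00 4625 src=198.51.100.9 user=jsmith
"""

LINE_RE = re.compile(r"^(\S+) (\d+) src=(\S+) user=(\S+)$")


def parse(logs):
    """Yield (timestamp, event_id, src_ip, user); lines that do not match are skipped."""
    for line in logs.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts, eid, src, user = m.groups()
        yield datetime.fromisoformat(ts), int(eid), src, user


def detect_brute_force(logs, threshold=5, window_minutes=5):
    """
    Sliding-window correlation over parsed events, in time order.
    Returns {src_ip: {"failures": n, "users": [...], "success_after": bool}}
    with one alert per source, recorded at the moment the threshold is hit.
    """
    window = timedelta(minutes=window_minutes)
    recent = defaultdict(deque)   # src_ip -> failure timestamps still inside the window
    targeted = defaultdict(set)   # src_ip -> usernames tried
    alerts = {}
    for ts, eid, src, user in sorted(parse(logs)):
        if eid == 4625:
            q = recent[src]
            q.append(ts)
            targeted[src].add(user)
            while q and ts - q[0] > window:   # expire failures older than the window
                q.popleft()
            if len(q) >= threshold and src not in alerts:
                alerts[src] = {"failures": len(q),
                               "users": sorted(targeted[src]),
                               "success_after": False}
        elif eid == 4624 and src in alerts:
            # A success after a flagged spray is the high-priority variant of this use case.
            alerts[src]["success_after"] = True
    return alerts


if __name__ == "__main__":
    for src, alert in detect_brute_force(SAMPLE_LOGS).items():
        print(src, alert)
```

With the defaults, 203.0.113.7 is flagged on its fifth failure and escalated by the 4624 that follows, while 198.51.100.9 spreads five failures over 80 minutes and never trips a 5-minute window. Widening the window (for example `window_minutes=120` with `threshold=3`) catches it, which is the trade-off a use case author tunes between missed low-and-slow attempts and false positives from users who mistype a password a few times.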

  • Lab 1: Enhanced Incident Detection with Threat Intelligence – Tasks: 83
  • Lab 2: Integrating OTX Threat Data in OSSIM – Tasks: 19

Total duration: 2 hours, 45 minutes

  • Lab 1: Generating Tickets for Incidents – Tasks: 86
  • Lab 2: Containing Data Loss Incidents – Tasks: 53
  • Lab 3: Eradicating SQL Injection and XSS Incidents – Tasks: 42
  • Lab 4: Recovering from Data Loss Incidents – Tasks: 48
  • Lab 5: Creating Incident Reports using OSSIM – Tasks: 17

Total duration: 2 hours, 35 minutes

Target Audience:

  • SOC Analysts (Tier I and Tier II)
  • Network and Security Administrators, Network and Security Engineers, Network Defense Analysts, Network Defense Technicians, Network Security Specialists, Network Security Operators, and any security professional handling network security operations
  • Cybersecurity Analysts
  • Entry-level cybersecurity professionals
  • Anyone who wants to become a SOC Analyst.


FAQ

Most frequent questions and answers

Yes, we are an authorized training partner of EC-Council.

Yes, this program includes 6 months of iLab access.

The EC-Council CSA program covers SOC L1 and L2, but our experts explain it with enterprise-level scenarios.

Most of our instructors are CEIs (Certified EC-Council Instructors); Gopi has 11+ years of experience.

Contact US

+91-8367643360

Available 24/7

Address: 5-1-100, 2nd floor, Kukatpally Hyderabad – 500072

Email: support@cyberloop.in
