Contact Us

Course: ICSI | CSA Certified SOC Analyst.

Overview.

The goal of the course is to provide students with the theoretical background and a hands-on experience in security operations to become certified SOC analysts. Students will learn to effectively monitor, analyse and respond to cyber security incidents within the Security Operations Centre (SOC) using a variety of tools such as Snort, Suricata, Wireshark and Wazuh.

  • Security Professionals
  • Security Analysts
  • SOC Analysts (Tier 1)
  • Network Security Administrators and Engineers

Basic familiarity with networking, Windows and Linux operating system.

 

Module 1: Introduction to Junior Security Analyst (SOC)

Lessons:

  • Junior Security Analyst Role
  • Security Operations Centre (SOC)
  • A day in the life of a Junior Security Analyst

 

Review Questions

Module 2: Introduction to Cyber Defence Frameworks

Lessons:

  • NIST Cybersecurity Framework
  • MITRE
  • Cyber Kill Chain
  • Unified Kill Chain

Review Questions

Module 3: Threat Intelligence

Lessons:

  • Introduction to threat Intelligence
  • Threat Intelligence Tools
  • NIST 800-115

Labs

  • Analysing Malicious Attachments Using VirusTotal

Module 4: Network Traffic Analysis

Lessons:

  • Network Security
  • Traffic Analysis
  • Wireshark

Labs

  • Using Wireshark to Analyse TCP Traffic
  • Using Wireshark to Analyse UDP Traffic
  • Using Wireshark to Identify a DDoS Attack

Module 5: Endpoint Security

Lessons:

  • Fundamentals of Endpoint Security
  • Logging and Monitoring Endpoints
  • Log Analysis on Endpoints

Labs

  • Install the Wazuh Agent on Windows
  • Install the Wazuh Agent on Linux (Ubuntu)

Module 6: SIEM (Security Information and Event Management)

Lessons:

  • Introduction to SIEM
  • Log Sources and Log Ingestion
  • Log Analysis and Alerts

Labs:

  • Forward Log Events to Wazuh

Module 7: IDS and IPS

Lessons:

  • Introduction to IDS and IPS
  • Fundamentals of Snort
  • Fundamentals of Suricata

Labs:

  • Identifying Malicious Network traffic with Snort
  • Detecting DDoS Attacks Using Suricata

Module 8: Reporting Security Incidents

Lessons:

  • Reporting Security Incidents
  • Incident Report Process
  • A Complete Incident Report: What You Need to Know
  • The Importance of Communications

If you’re interested in attending a private training session or would like to receive our schedule, please don’t hesitate to contact us!

register
Discover more

Join our newsletter to stay up to date on features and releases.

By subscribing you agree to with our Privacy Policy and provide consent to receive updates from our company.

Get in touch

Contact us

DefensityOne 2024 | All rights reserved 

Privacy Policy