Why Does a Company Need a SOC Team
Improve security incident detection through constant monitoring and analysis. A SOC shifts the organization to a proactive approach rather than a reactive one. By monitoring 24/7, a SOC gives organizations an advantage in defending against intrusions, regardless of the type of attack and at any time.
A SOC also helps the organization meet regulatory compliance requirements.
What you will learn
This course will help build your technical competence so that you can start a career as a Level 2 Analyst in a Security Operations Center team. You will identify threats and possible breaches and collect audit logs for security and compliance. You will be able to conduct investigations and provide evidence.
- Skilled in malware analysis and email analysis
- Skilled in vulnerability management
- Enhanced understanding of security threats and vulnerabilities
- Fundamentals of Networking
  - IP addressing
  - Network Protocols
- Security Basics
  - Security Principles and security terms
  - Types of malware
  - Types of Cyber Attacks and Vulnerabilities
- Security Operations Center
  - Introduction to Security Operations Center
  - Cyber Kill Chain Model
  - SOC Process
  - Security Architecture overview
  - Overview of IDS/IPS, Firewalls, DLP, Anti-virus and Anti-malware, Email security, Web security, Honeypots
- Security Monitoring and Attack Analysis
  - Malware Analysis tools and techniques overview
  - Malware Analysis Lab set-up
  - Basic Static and Dynamic Malware Analysis [Advanced malware analysis such as reverse engineering and code de-obfuscation is not covered in this course.]
  - Document and URL Analysis
  - Email Analysis
  - Network Traffic log analysis using Wireshark
- Vulnerability Management
  - Introduction to vulnerability management
  - Vulnerability management process
  - Vulnerability Assessment using Nessus
- Security Incident Response
  - Incident management process
  - Incident response playbook for Malware infection
  - Incident response playbook for Phishing attack
  - Incident response playbook for Ransomware attack
  - Incident response playbook for Command and Control traffic
- Security Information and Event Management (SIEM) - Splunk
  - Splunk SIEM Architecture
  - Searching and reporting
  - Dashboards and Alerts creation
  - Log analysis using Splunk
  - Data integration into Splunk
  - Apps and add-ons in Splunk
  - Splunk Security use cases