Security Operations Centre Analyst
Empower your team, fortify your defences
Master the vital skills to work in and lead a Security Operations Centre (SOC) with our comprehensive course designed for real-world SOC success.
Learning Outcomes:
Participants will:
- Develop expertise in Windows Server management, event logging with Sysmon, and security through Active Directory and Group Policy.
- Build SOC skills in managing firewalls with pfSense, IDS/IPS with Snort, and network traffic analysis.
- Learn to use SIEM tools like ELK and Splunk for event monitoring and alerting, and perform complex searches.
- Gain experience in threat hunting using log analysis, filtering, and the MITRE ATT&CK framework for cyber threat detection and response.
- Improve incident response skills by handling investigations, using YARA for threat detection, and conducting detailed cyber incident analyses.
- Become familiar with different attack scenarios
Course Syllabus:
Chapter 01
Windows Domain
Windows Server
- Installing Windows Server
- Configuring Windows Server
- Managing Features
- Windows Events
- Sysmon
Windows Domain
- Installing AD DS
- Configuring AD DS
- Managing Domain Protocols
- Working with Group Policy
- Working with Wireshark
Firewalls
- pfSense Installation
- Configuring FW Rules
- Configuring NAT Rules
- Installing and Managing Packages
- Real-Time Monitoring
IDS/IPS
- Working with Snort
- Snort Rules Structure
- Setting and Configuring Rules
- Passing Traffic using the NAT Feature
- Analyzing Advanced Rules
Chapter 02
SOC Environment
ELK
- Monitoring Events
- Different Search Methods
- Custom Queries
- Setting Alerts
Splunk
- Monitoring with Splunk
- Splunk Alerts
Chapter 03
Security Information and Event Management (SIEM) Systems
Log Analysis
- Analyzing Logs
- Advanced Filtering
MITRE ATT&CK
- Hunting via Events
- Creating Hunting Rules
Sysmon
- Configuring XML Settings
- Analyzing Sysmon Events
YARA
- Rules Structure
- Hunting with YARA
Incident Response
- IR Playbooks
- Investigating Files
Chapter 04
Threat Hunting
Chapter 05
Training Schedule:
Tailored To Client
Training Methodology:
Apprenticeship-based Training
- Experience hands-on learning with our demonstration method on a virtual/host machine, ensuring immersive understanding.
- Our trainers prioritise showing over telling, explaining intricacies without relying on slides, offering direct engagement.
- Bridge your knowledge gap by connecting theoretical concepts to practical cybersecurity applications, enhancing career readiness.
Practice Labs
- Engage in repeated practice sessions to solidify and reinforce your understanding.
- Delve deeper with practice questions, encouraging students to explore interconnected topics and enhance comprehension.
- Stimulate critical thinking through challenge questions, prompting students to seek solutions and broaden their problem-solving abilities.
Assessment and Project
- Equip yourself with the expertise and tools essential for navigating corporate networks safely.
- Gain a comprehensive understanding of cyber-attacks to fortify your digital environment effectively.
- Broaden your horizon by familiarising yourself with diverse cyber-attack scenarios and their implications.
FAQs:
Quick Info
Programme Fee
Custom Pricing
Duration
5 Days
Schedule
Tailored To Client
Teacher-to-Student Ratio
1:30
Delivery Mode
Secure Your Future
Find out more about how we can help you secure your future in cybersecurity