SOC Analyst/Cyber Incident Responder

Learn SIEM, Threat Intelligence, Cyber Threat Hunting, Malware Analysis, Network Security, Web Security, Endpoint Security, Incident Response, and Vulnerability Management.

Duration - 2.5 months

Course Fees - INR 14,999/- (50% off the regular fee of INR 30,000)

SOC Analyst Training - Upcoming Batches

Start Date   | Time       | Batch Type            | Training Mode
2 Sep 2023   | 7 - 10 PM  | Weekends (Sat - Sun)  | Online (Live classes)
2 Sep 2023   | 7 - 10 AM  | Weekends (Sat - Sun)  | Online (Live classes)

Syllabus

  1. Computer Network
  2. Types of Networks
  3. OSI model and TCP/IP model
  4. Network Devices (routers, switches, Hub, Bridges, Repeater)
  5. Network topologies (bus, star, mesh, ring)
  6. IP Addressing and Port Numbers
  7. Subnetting
  8. Network Protocols (TCP, UDP, ICMP, DNS, DHCP, HTTP, FTP, SMTP, SNMP, SSH)
  9. Network segmentation and DMZs
  10. Load balancing and failover techniques
  11. Network monitoring and logging techniques (syslog, SNMP, NetFlow)

  1. Cryptography Fundamentals
  2. Encryption
  3. Decryption
  4. Encoding
  5. Decoding
  6. Hashing
  7. Cryptographic Algorithms (AES, RSA, ECC, SHA, MD5, HMAC, PBKDF2)
  8. Symmetric Encryption
  9. Asymmetric Encryption
  10. Digital Signatures
  11. Cryptographic Key Management (key generation, distribution, storage, rotation)
  12. Hash Functions (MD5, SHA1, SHA256)
  13. Transport Layer Security (TLS)
  14. Secure Sockets Layer (SSL)
  15. Cryptography in Network Security (IPsec, VPN, SSL/TLS, HTTPS)
  16. Cryptography in Storage Security (file encryption, database encryption)
  17. Cryptography in Cloud Security (encryption at rest, encryption in transit, key management)
  18. Cryptography in Mobile Security (encryption on mobile devices, SSL/TLS on mobile apps)
  19. Cryptography in Email Security (PGP, S/MIME, DKIM, SPF)
  20. Cryptography in Identity and Access Management (multi-factor authentication, password hashing)

  1. SIEM Concepts and Architecture
  2. Event Sources and Log Management
  3. Event Correlation and Normalization
  4. Use Cases Writing and Fine-Tune
  5. Threat Detection and Alerting
  6. Proactive Monitoring and Triage of Security Events
  7. Compliance Reporting and Auditing
  8. User and Entity Behavior Analytics (UEBA)
  9. Machine Learning and Artificial Intelligence in SIEM
  10. Data Analytics and Visualization
  11. Log Collection and Processing
  12. Monitor Security Events and Logs such as Proxy, IPS/IDS, Firewall, Email, Anti-Malware, Endpoints Security, Web Application Firewall to maintain situational awareness.
  13. Monitor the health of Security Sensors and SIEM Infrastructure.
  14. Generate and Deliver Reports (Daily, Weekly, Monthly)
  15. Working with Dashboards.

  1. Network Security Fundamentals (confidentiality, integrity, availability, non-repudiation)
  2. Firewall technologies (stateful, stateless, application-level, NGFW, UTM)
  3. Intrusion Detection and Prevention Systems (IDS/IPS) and their role in network security
  4. Network Segmentation and Network Access Control (NAC) Technologies
  5. Network Traffic Analysis using Wireshark (packet capture, protocol analysis, network flow analysis)
  6. Virtual Private Network (VPN) Technologies and their role in network security
  7. VPN Protocols (OpenVPN, IPSec, L2TP, PPTP)
  8. Network Scanning and Vulnerability assessment tools and techniques
  9. Distributed denial-of-service (DDoS) attack mitigation techniques
  10. Network forensics and incident response procedures
  11. Identity and access management (IAM) technologies and their role in network security
  12. DNS security technologies (DNSSEC, DNS filtering)

  1. Introduction to Malware Analysis
  2. Types of Malware (viruses, worms, trojans, rootkits, ransomware and more)
  3. Malware Analysis Techniques (dynamic analysis, static analysis, behavioral analysis, memory analysis, and reverse engineering)
  4. Setting up the Sandbox for Malware Analysis
  5. Indicators of compromise
  6. Categories of indicators of compromise
  7. Email indicators
  8. Network indicators
  9. Host-based indicators
  10. Behavioural indicators
  11. Malware Detection and Prevention
  12. Malware Functionality
  13. Malware Removal Techniques
  14. Malware Mitigation
  15. Malware Research
  16. Malware Case Studies

  1. Endpoint Security Concepts and Architecture.
  2. Malware and virus Detection and Prevention.
  3. Host-based Intrusion Detection and Prevention.
  4. Firewall and Network Protection
    Application Control and Whitelisting.
  5. Patch Management and Vulnerability Assessment.
  6. Data Loss Prevention.
  7. Device Control and USB Blocking.
  8. User Behavior Monitoring and Analytics.
  9. File Integrity Monitoring (FIM)
  10. Endpoint Detection and Response (EDR)
  11. Forensics and Investigation of Endpoint Incidents.

  1. Web Application Architecture
  2. HTTP Communication
  3. HTTP Methods
  4. HTTP Requests and Responses
  5. HTTP Headers
  6. Cookies and Sessions
  7. URL Encoding
  8. Caching
  9. Proxies and Gateways
  10. HTTPS (SSL/TLS encryption and certificate authentication)
  11. Web Application Security Techniques
  12. Web Application Firewall (WAF)

  1. NIST SP 800-61, Computer Security Incident Handling Guide
  2. Incident Response Plan Development and Execution
  3. Incident Management and Coordination
  4. Incident Classification and Prioritization
  5. Incident Notification and Communication
  6. Evidence Collection and Preservation
  7. Threat Analysis and Intelligence Gathering
  8. Network and host forensics
  9. Memory analysis and volatile data collection
  10. Preparation
  11. Detection and Reporting
  12. Triage and Analysis
  13. Containment and Neutralization
  14. Eradication
  15. Business Continuity and Disaster Recovery Planning
  16. Post-Incident Activities
  17. Patch Management and System Hardening
  18. Legal and Regulatory Considerations

  1. Cyber Kill Chain
    MITRE ATT&CK Framework
  2. Malware infections: Viruses, Trojans, Ransomware
  3. Phishing Attacks
  4. Spear-phishing Attacks
  5. Social Engineering Attack
  6. Phishing email Analysis
  7. Email Header Analysis
  8. Denial-of-service (DoS) attacks
  9. Brute-force attacks
  10. Account compromise
  11. Insider threats
  12. Unauthorized access
  13. Data breaches
  14. Advanced persistent threats (APTs)
  15. Website defacements
  16. Man-in-the-Middle Attack
  17. SQL Injection Attack
  18. Password Attack
  19. Web Attacks
  20. Indicators of Compromise (IOC)
  21. URL Analysis
  22. IP Analysis

  1. Threat Hunting Methodology
  2. Types of Threat Hunting
  3. Threat Hunting Use Cases
  4. Threat Hunting Tools
  5. Threat Hunting Scenarios
  6. Threat hunting Metrics
  7. Behavioral Analysis
  8. Use of Threat Intelligence in Hunting
  9. Data Collection and Analysis
  10. Review threat intelligence feeds and investigate identified potential indicators of compromise (IOCs)
  11. Collaboration and communication
  12. Integration with SIEM, EDR

  1. Threat Intelligence Sources
  2. Threat Intelligence Platforms
  3. Threat Intelligence Analysis
  4. Threat Modeling
  5. Threat Intelligence Sharing
  6. Threat intelligence Integration with Security Tools (such as SIEM, Firewall, Proxy, Email Gateway, and EDR)
  7. Identify and Ingest Indicators of Compromise (IOCs) Into Applicable Security Controls
  8. Review detection coverage of IOCs and, where there is no coverage, submit them to the relevant vendor or internal team for coverage

  1. Vulnerability Assessment
  2. Vulnerability Management Life Cycle
  3. Nessus Installation
  4. Scan Prerequisites
  5. Vulnerability Scanning
  6. Credential scan and Non-Credential scan
  7. Vulnerability Prioritization
  8. Vulnerability Remediation
  9. Patch Management
  10. Reporting and metrics
  11. Asset Management

  1. Importance of Ethical Hacking
  2. Skills of an ethical hacker
  3. Bug Bounty Program
  4. Types of Hackers: Black Hat, White Hat, Grey Hat, Script Kiddies, Hacktivists, State-Sponsored.
  5. Types of Ethical Hackers: Network Penetration Tester, Web Application Penetration Tester, Wireless Security Expert, Mobile Application Security Tester, Red Teamer.
  6. Penetration testing life cycle
  7. Reconnaissance
  8. Vulnerability scanning
  9. Exploitation
  10. Privilege escalation
  11. Post-exploitation

FAQs

A Security Operations Center (SOC) is an essential component of a data protection and security system that helps lower the level of risk that information systems face from external and internal threats.

A SOC Analyst monitors an organization’s network and systems for potential security threats, analyzes and investigates incidents, and provides remediation guidance. They also create and maintain security documentation, perform vulnerability assessments, and develop incident response plans.

The demand for SOC Analysts is expected to grow rapidly in the coming years as more organizations prioritize cybersecurity. SOC Analysts can also advance to higher-level positions such as SOC Manager or Chief Information Security Officer (CISO).

A typical SOC Analyst course covers topics such as threat detection and analysis, incident response, vulnerability assessments, security tools and technologies, and security documentation and reporting.

A SOC Analyst is a member of the cybersecurity team in charge of monitoring and combating threats to a company’s IT infrastructure. They are at the forefront against security threats, and they are responsible for evaluating security systems, discovering and repairing vulnerabilities, and increasing cyber resilience.

Yes, CyberSecXperts will provide a course completion certificate after successful completion of the training. The SOC Analyst Certification Course has great value in the job market.

Many candidates ask whether the Cyber Security field requires programming knowledge. No: even 95% of cyber security professionals do not have programming knowledge and are successful in their careers.

You can call us or send us an inquiry using the website contact form; our Cyber Security Experts will guide you and give you a complete picture of Cyber Security and how you can start your career in it.

Yes! We provide 100% job assistance to candidates who have successfully completed the training course. For this, we are tied up with top MNCs from around the globe, so you can be placed in excellent organizations.