
SOC Analyst Online Training Course

Unlock Your Potential as a SOC Analyst: Learn the Essential Skills and Techniques with Our Comprehensive Online Training Course

Rated: 4.7 | 8198 views | Duration: 5 Days | Level: Intermediate
Last Updated: 2023-02-24 09:02:07 | Language: English | Delivery Format: Live Training
Price: $585 (regular price $900, 35% off)
6 days left at this price!
Next Batch Starting on:

May 22 - May 26

11:30 AM to 02:30 PM EST

30-Day Money-Back Guarantee

It Includes

  • 5 Days training program
  • Live Virtual Training
  • Learn on any PC/Mobile/Tablet
  • Unlimited Doubt Sessions
  • Online Labs (if applicable)
  • Official Courseware & Kits
  • Get Recording after session
  • Get Certificate of Completion
  • Mock Tests & Exam Preps
  • Classroom Training (Optional)

Training 2 or more people?

Get a custom quote for group training, Onsite & classroom options.

Request a Quote

Course Overview

COURSE OBJECTIVE

SOC Analysts play a crucial role in today's security teams: they are on the front lines of cyber defense, identifying and responding to cyber threats as they occur.
InfosecTrain's SOC Analyst training course is designed for aspiring and current SOC Analysts who want to learn how to prevent, identify, assess, and respond to cybersecurity threats and incidents. The course is the first level of a series that includes Level 1 (SOC Analyst) and Level 2 (SOC Specialist), and is specifically designed to help you master the trending, in-demand technical skills needed to carry out sophisticated SOC activities.
The course begins with the fundamentals of SOC teams and Blue Team operations architecture before moving on to more advanced topics such as digital forensics, incident response, threat intelligence, and SIEM (Security Information and Event Management) solutions.
This training course also helps participants plan their preparation for SOC Analyst certification examinations, which are required to obtain the most sought-after positions in a SOC team.

Who Should Attend?

  • Technical Support Engineers
  • System Administrators
  • Security Consultants
  • Cyber Security Analysts
  • Security System Engineers
  • SOC Analysts (L1 & L2)
  • Information Security Researcher

Pre-requisites

    • Prior knowledge of networking fundamentals, OS basics, and troubleshooting is recommended
    • Experience in an entry-level SOC Analyst, Cyber Security Analyst, or Information Security role
    • Two years of experience in the Information Security domain
    • Security+ or CEH certification, or equivalent experience

Benefits

    • Gain Knowledge of SOC processes, procedures, technologies, and workflows.
    • Gain a basic understanding and in-depth knowledge of security threats, attacks, vulnerabilities, attacker’s behaviors, cyber killchain, etc.
    • Able to recognize attacker tools, tactics, and procedures to identify indicators of compromise (IOCs) that can be utilized during active and future investigations.
    • Able to monitor and analyze logs and alerts from a variety of different technologies across multiple platforms (IDS/IPS, end-point protection, servers, and workstations).
    • Gain knowledge of the Centralized Log Management (CLM) process.
    • Able to perform Security events and log collection, monitoring, and analysis.
    • Gain experience and extensive knowledge of Security Information and Event Management.
    • Gain knowledge of administering SIEM solutions (Splunk/AlienVault/OSSIM/ELK).
    • Understand the architecture, implementation and fine-tuning of SIEM solutions (Splunk/AlienVault/OSSIM/ELK).
    • Gain hands-on experience in SIEM use case development process.
    • Able to develop threat cases (correlation rules), create reports, etc.
    • Learn use cases that are widely used across the SIEM deployment.
    • Plan, organize, and perform threat monitoring and analysis in the enterprise.
    • Able to monitor emerging threat patterns and perform security threat analysis.
    • Gain hands-on experience in the alert triaging process.
    • Able to escalate incidents to appropriate teams for additional assistance.
    • Able to use a Service Desk ticketing system.
    • Able to prepare briefings and reports of analysis methodology and results.
    • Gain knowledge of integrating threat intelligence into SIEM for enhanced incident detection and response.
    • Able to make use of varied, disparate, constantly changing threat information.
    • Gain knowledge of Incident Response Process.
    • Gain understanding of SOC and IRT collaboration for better incident response.

Course Outline

  • Domain 1: Blue Team Operations Architecture

    • Building a successful SOC
    • Functions of SOC
    • SOC Models & Types
    • SOC Teams & Roles
    • Heart of SOC: SIEM
    • Gartner's Magic Quadrant: top SIEMs
    • SIEM guidelines and architecture

  • Domain 2: SOC Tools

    Splunk:

    • Building a successful SOC
    • Functions of SOC
    • SOC Models & Types
    • SOC Teams & Roles
    • Heart of SOC: SIEM
    • Gartner's Magic Quadrant: top SIEMs
    • SIEM guidelines and architecture

    Security Onion:

    • Introduction to Security Onion : NSM
    • Security Onion Architecture
    • Walkthrough to Analyst Tools
    • Alert Triage and Detection
    • Hunt with Onion

  • Domain 3: DFIR

    Fundamentals of Digital Forensics

    • Forensics Fundamentals
    • Introduction to Digital Forensics
    • Hard Drive Basics
    • SSD Drive Basics
    • File Systems
    • Metadata & File Carving
    • Memory, Page File, and Hibernation File
    • Order of Volatility
    • Evidence Forms
    • Volatile Evidence
    • Disk Evidence
    • Network Evidence
    • Web & Cloud Evidence
    • Evidence Forms
    • Chain of Custody
    • What is the Chain of Custody?
    • Why is it Important?
    • Guide for Following the Chain of Custody
    • Windows Investigations
    • Artifacts
    • Equipment
    • Live Forensics
    • Live Acquisition
    • Products
    • Potential Consequences
    • Post-Investigation
    • Report Writing
    • Evidence Retention
    • Evidence Destruction
    • Further Reading

  • Tools exposure provided in the above section:

    • Command line for Windows / Linux
    • Network Analysis: Wireshark, NetworkMiner
    • Disk-Based Forensics: FTK Imager, Autopsy, EnCase
    • Memory Forensics: Magnet & Belkasoft RAM Capture, DumpIt, Volatility, Volatility Workbench
    • Email Forensics: Manual & Automated Analysis

  • Incident Response Basics

    • Introduction to Incident Response
    • What is an Incident Response?
    • Why is IR Needed?
    • Security Events vs. Security Incidents
    • Incident Response Lifecycle – NIST SP 800-61r2
    • Incident Response Plan : Preparation, Detection & Analysis, Containment, Eradication, Recovery, Lessons Learned
    • Case Study : Cyber Kill Chain in Incident Response
    • Lockheed Martin Cyber Kill Chain
    • MITRE ATT&CK Framework
    • Preparation
    • Incident Response Plans, Policies, and Procedures
    • The Need for an IR Team
    • Asset Inventory and Risk Assessment to Identify High-Value Assets
    • DMZ and Honeypots
    • Host Defences
    • Network Defences
    • Email Defences
    • Physical Defences
    • Human Defences

  • Detection and Analysis

    • Common Events and Incidents
    • Establishing Baselines and Behavior Profiles
    • Central Logging (SIEM Aggregation)
    • Analysis (SIEM Correlation)

  • Containment, Eradication, Recovery

    • CSIRT and CERT Explained
    • Containment Measures
    • Taking Forensic Images of Affected Hosts
    • Identifying and Removing Malicious Artefacts
    • Identifying Root Cause and Recovery Measures

  • Tools exposure provided in the above section:

    • Sysinternals Suite
    • Hash Calculator
    • Online Sources
    • CyberChef

  • Domain 4: TI

    • Introduction To Threat Intelligence
    • Threat Actors
    • CTI Skills: NIST NICE – CTI Analyst
    • OODA Loop, Diamond Model of Intrusion Analysis
    • Unleashing Threat Intel with Maltego, AlienVault OTX
    • LOTL Based Techniques
    • Malware Campaigns & APTs

Learnfly is a leading online e-learning marketplace that has been helping individuals & corporate employees learn new skills to achieve personal and professional goals. With a global instructor base and hundreds of courses, our e-learning marketplace aims to reinforce the professional efficiency of individuals through online e-learning courses that are strategically designed to revolutionize your presence in the industry.

Frequently Asked Questions

  • What does a SOC analyst do?

    SOC analysts use their networking, computer science, research and collaboration skills to assess security systems for vulnerabilities and malicious activities and to identify potential controls to mitigate them. SOC analysts can also be expected to perform many other tasks:

    • Monitor security systems for suspicious network or application behavior
    • Document security incidents and implement response plans
    • Assist with cybersecurity risk assessments, vulnerability testing and compliance activities
    • Monitor and perform security and patch management
  • How do I become a SOC analyst?

    To help you create your development plan, the Bureau of Labor Statistics (BLS) notes that successful SOC analysts typically display the following characteristics:

    • Analytical skills: SOC analysts must carefully study computer systems and networks and assess risks to determine how security policies and protocols can be improved
    • Detail-oriented: Because cyberattacks can be difficult to detect, SOC analysts must pay careful attention to computer systems and watch for minor changes in performance
    • Ingenuity: SOC analysts must anticipate SOC risks and implement new ways to protect their organization's computer systems and networks
    • Problem-solving skills: SOC analysts must respond to security alerts, uncover and fix flaws in computer systems and networks
  • What education does a SOC analyst need?

    Most SOC analyst vacancies are looking for candidates with a bachelor’s degree in computer science, information assurance or a related field. However, given the large critical skills gap across the cybersecurity industry, many employers’ emphasis on four-year degrees has lessened if the candidate can show tangible technical skills, and related on-the-job experience.
  • What certifications does a SOC analyst need?

    There is no industry-wide or CompTIA SOC analyst certification path, or certified SOC analyst training program, available right now. But several related programs cover many of the relevant skills an analyst would need, regardless of the industry in which they would be employed. Examples are CompTIA's intermediate-level Cybersecurity Analyst (CySA+) certification and CompTIA's Security+ and Network+ certifications. There are other certifications one could use to improve their skills and validate their understanding of important security fundamentals:

    • Certified Ethical Hacker (CEH)
    • Certified Penetration Tester (CPT)
    • Certified Information Systems Auditor (CISA)
    • Certified Information Security Manager (CISM)
    • Offensive Security Certified Professional (OSCP)
  • What skills does a SOC analyst need?

    SOC analysts' day-to-day activities require them to demonstrate competency across the following security domains:

    • Network defense
    • Ethical hacking
    • Incident response
    • Computer forensics
    • Reverse engineering
  • Where does a SOC analyst work?

    One source lists New Jersey, Delaware, New York, Massachusetts and Maryland as the top employers of security analysts. Given the size of the federal government, Virginia and the District of Columbia can also be expected to employ a lot of SOC analysts.
  • How does Live Training work?

    Live training, also known as online training, is a method of delivering training in real-time over the internet. The trainer and the trainees are connected through video conferencing software, allowing for interactive communication and collaboration. During live training, the trainer can present materials, lead discussions, answer questions, and engage with the trainees in real-time.
  • Does Learnfly offer Classroom & Onsite training as well?

    Yes, we do! We offer classroom, onsite, group sessions & 1-on-1 training for selected courses. Contact our support team and they will assist you with the process.
  • Do you provide certification and exam assistance?

    Yes! We provide assistance in scheduling & preparing for your exam after successful training completion. Once you pass your exam, you will be awarded a certification.
  • What if I miss my scheduled class or want to reschedule?

    No worries. You can simply request the next date as per your availability.
  • Can I change the trainer if not satisfied?

    We only provide highly qualified and certified trainers with a 100% satisfaction rate. However, if you are not satisfied with the trainer, you can request a free replacement.
  • Do I get a lab access with the course?

    Yes! If your training requires lab access, it will be included in the price.
  • Is Learnfly accredited?

    Yes! Learnfly is accredited with many renowned vendors such as Microsoft, ISACA, VMware, PECB, EC-Council, Cisco and many more.
  • Are Learnfly Instructors Certified?

    Yes. We only provide training via Certified Instructors.
  • Where is Learnfly Located?

    Learnfly is a global training provider with locations in India, United States, United Kingdom, UAE, Australia & Africa.
  • Does Learnfly offer after training support?

    Yes. We offer 1 month free support after your training completion for any queries related to your course, examination etc.
  • What is Learnfly Platform?

    Learnfly Platform is an omnichannel Learning Management System that allows you to access thousands of self-paced courses, attend live classes, track certifications, access interactive quizzes & assignments and online labs, connect with instructors & do much more. Join the platform to learn more.
  • Do you offer a demo live session with an instructor?

    Yes! If you need a demo session to get a feel for live training or to evaluate an instructor, you can request a free 15-minute live session. Connect with our training team for more info.
  • Can I get a refund if not satisfied?

    All of our training comes with a 30-day money-back guarantee. Refunds are only applicable to instructor training. Exams and labs are non-refundable.
  • How can I make a payment for my training?

    We accept all major payment methods like debit/credit card, PayPal and Bank Wire transfer. For bank transfer, please contact us at support@learnfly.com
  • How can I get started?

    Super! Simply click on "Book Now" button on this page to reserve your seat and make a payment. You can choose from available schedules or provide your own. For anything else like quotation, purchase order, bank wire details etc, please contact our training team at support@learnfly.com. See you learning with us soon!
How it Works?

  • 01 Choose your live class topic: Browse from 250+ live class sessions and topics on the Learnfly platform. Learn from the comfort of your home or office.
  • 02 Book and schedule your class: Book online & reserve your seat for the live class. You can select from the available schedule or provide your preferred dates and time during the signup process.
  • 03 Make online payment: Make payment for the live class with debit/credit card or PayPal. Pay in your preferred currency & with an easy EMI* option. The EMI option is available in selected countries.
  • 04 Check for confirmation: Once you make a successful payment, your live class will be confirmed and the details will be available on your dashboard. We will also send you a confirmation email with other details.

Certification Partners

Meet our official certification partners. Get Certified with internationally recognised names.

Earn International recognition and certification

Get Certified : Get Ahead

Get your own personalized Certificate of Completion once you successfully complete the training with Learnfly. Showcase your certification on LinkedIn & more.

250k+ Students and growing.

Hear what they say about Learnfly Courses

Students learning on Learnfly work with Fortune 500 companies around the globe.
