Description

The Certified SOC Analyst (CSA) designation represents a crucial step in the professional progression of a cybersecurity expert. This certification attests to the skills and knowledge required to monitor and manage incidents within a security operations center (SOC). If you are an administrator or analyst just starting out in the field of IT security, this course is an excellent opportunity to obtain the CSA certification issued by EC-Council.
Over the course of three days, you'll take part in a program focusing on the fundamentals of SOC operations and knowledge management. You will then explore topics such as log correlation, SIEM system deployment, advanced incident detection and appropriate incident response. Finally, you'll learn how to manage the standard processes involved in handling security incidents, and discover how to collaborate with a CSIRT if necessary.
At the end of this intensive course, enriched by practical work, you'll be ready to take the official exam via the EC-Council exam portal (for more information, see the certification tab).

Day 1: Introduction to SOC Operations

  • Security Operations Center (SOC) operations and management: Understand how an SOC operates and is organized.
  • Cyberthreats, IoC systems and attack techniques: Explore the different cyberthreats, indicators of compromise (IoC) and methods used by attackers.

Day 2: Incident and Log Analysis

  • Incidents, events and logs: Learn to distinguish between incidents, events and logs, and their importance in cybersecurity.
  • Incident detection with a security information and event management system (SIEM): Discover how a SIEM can be used to detect incidents.
  • Incident detection with threat intelligence: Understand how to integrate threat intelligence to improve detection.

Day 3: Incident Response

  • Incident response: Learn the steps and best practices for effectively managing security incidents.

This structure provides a progressive understanding of the key concepts involved in managing security operations.

This course is aimed at the following audiences:

  • Level 1 or 2 SOC analysts;
  • telecommunications, network and IT systems security analysts;
  • systems, networks and telecoms engineers;
  • all professionals in charge of managing security or network operations who wish to become certified.

To follow the Certified SOC Analyst (CSA) training course, you need the following prerequisites:

  • at least 1 year's professional experience in network administration or IT security.

At the end of CSA training, you will be able to achieve the following objectives:

  • Master the processes, technologies and operations within a SOC.
  • Understand the fundamentals and technical aspects of security threats, attacks, vulnerabilities, attacker behavior, as well as the Cyber Kill Chain and other related concepts.
  • Identify attacker tools, strategies and practices to establish indicators of compromise (IOCs).
  • Monitor and analyze logs and notifications from various technologies across multiple platforms.
  • Acquire knowledge of the centralized log management (CLM) process.
  • Collect, monitor and analyze security events and logs.
  • Master the use of SIEM tools such as Splunk, AlienVault, OSSIM and ELK.
  • Understand the practical process of using SIEM solutions.
  • Develop threat models and write relevant reports.
  • Know the different use cases frequently applied when deploying a SIEM.
  • Plan, monitor and analyze threats within an organization.
  • Track emerging threat patterns and assess security risks.
  • Understand the alert triage process.
  • Escalate incidents to appropriate teams for in-depth support.
  • Use a ticket management system (Service Desk).
  • Prepare briefings and reports on analysis methods and results.
  • Integrate threat intelligence into a SIEM system to improve incident detection and response.
  • Exploit a variety of disparate and constantly evolving threat information.
  • Master the incident response process.
  • Understand how the SOC and IRT work to optimize incident response.
  • Pass the 312-39 exam and obtain C|SA certification from EC-Council.
