SOC

$1500 USD

About this course

With cyber attacks on the rise, more and more organizations are investing in their own Security Operations Centers (SOC). SOC Analysts are responsible for monitoring the company’s infrastructure round the clock in order to mitigate potential attacks using SIEM tools.


This course is for college students that are interested in the field of cyber security. Likewise, experienced professionals that want to make a switch to the in-demand field of cyber security can also benefit from this training course.


Number of jobs in the U.S. – 49,000+ (Source: LinkedIn)


U.S. National Average salary – $107,172/year (Source: ZipRecruiter)


This course covers everything from the basics to a comprehensive overview of the technologies and related architecture used in a Security Operations Center (SOC). It will arm you with the skills needed to identify security events and respond to incidents in a SOC environment.


Prerequisite – None required. Basic knowledge of Windows is helpful.

Syllabus

Modules Include:
Introduction to Security Operations Center (SOC) (4 hours)

• What is a SOC
• Red vs. Blue Teams
• Cyber kill chain
• MITRE ATT&CK framework
• Roles and responsibilities of a SOC

Ethical Hacking Basics (10 hours)

• Nmap
• Hacking stages
• Types of hackers
• Web application security
• Roles and responsibilities of a SOC
• Types of malware
• Ransomware and security measures

SIEM (4 hours)

• What is SIEM
• ArcSight architecture and its components
• Introduction to Collector
• Introduction to ESM

QRADAR Components Configuration (4 hours)

• System requirements (OS, DB, hardware specs)
• Installation of QRADAR
• QRADAR user management

SIEM Console Navigation (4 hours)

• Filters
• Index management
• Advanced searches

Logger and its components (4 hours)

• Overview of Collectors
• Logger workflow to receive events
• Device groups
• Report and dashboard creation in Logger
• Event searching
• Scheduling tasks
• Alert notification and its limitations
• Using Logger for investigation

Content Management (4 hours)

• Use cases
• Hidden features in QRADAR to create rules (Local variable, Active List)
• Dashboards
• Reports
• Sample creation of use cases
• Sample creation of dashboards
• Sample creation of reports

Using QRADAR for Offense Investigations (4 hours)

• Alert mechanism and reporting overview
• Identifying alerts and responding to them
• Using the search mechanism for quick investigation
• Using QRADAR for quick alert investigation techniques
• Using Active Channels and Logger queries as part of an investigation
• Using reports and dashboards in QRADAR for trend analysis
• Correlating logs from multiple devices for decision making on triggered alerts
• Trend analysis using reports and dashboards
• Sample investigation of triggered alerts

Making the most out of QRADAR (4 hours)

• Device integration overview
• Automating compliance alerts
• Using search mechanisms for quick investigation
• Quick investigation shortcuts
• Cheat sheet for QRADAR troubleshooting
• Log stoppage alerts and troubleshooting