Raghavendra Boya

Cyber Security SOC analyst training with Splunk (SIEM): for those who aspire to get certified and to build the knowledge and skills needed to become a SOC analyst. This course is designed for interested candidates at every level who want to get into a SOC.

Work of a SOC analyst?

A Security Operations Center Analyst is primarily responsible for the activities that occur within the SOC. Analysts in Security Operations work with Security Engineers and SOC Managers to provide situational awareness through the detection, containment, and remediation of IT threats. With the increase in cyber threats and breaches, businesses are becoming more exposed, which has significantly raised the importance of the SOC Analyst. For those in cybersecurity it can be a dynamic role. SOC Analysts cooperate with other team members to detect and respond to information security incidents, develop and follow up on security events such as alerts, and take part in security investigations. Furthermore, SOC Analysts analyze and react to newly disclosed hardware and software vulnerabilities. They also examine reports on security issues and act as 'security advisors' for the organization.

This course helps you learn and implement those strategies through the training provided. That in turn helps you play a significant role in defending against cyber threats and keeping sensitive information secure.

What's inside

Learning objective

Students will gain knowledge of networking, cyber security and the activities of the SOC analyst role, with hands-on practicals.

Syllabus

Course Introduction

In this video you will get a brief overview of the concepts you are going to learn.

In this section you will learn some important networking concepts.
Introduction to organization Network
Introduction to web technology
OSI Model - Application and Presentation Layer Basics
OSI Model - Session, Transport, Network and Data Link Layer Basics
OSI Model Recap AND Public/Private Address Ranges
Understanding HTTP protocol Part 1
Understanding HTTP Part 2 and Understanding Service Ports Part 1
Understanding SMB, SMTP, Telnet, SSH, FTP and MySQL Services
Introduction to Windows - Types of Windows OS and Permissions
Windows OS - Computer Management, Utilities
In Depth on Port Numbers - Part 1
In Depth on Port Numbers - Part 2
In this section students will learn all the Cyber Security skills required of a SOC analyst.
Introduction to Security CIA Encryption and Hashing
Defence in Depth Approach
Cyber Kill Chain OR Phases of an Attack
Brute Force Attack and Types
Phishing and Spoofing Attacks
OWASP Top 10
DNS Tunneling Attack
Malware and its Types
In this section you will learn about the Splunk tool and also understand the aspects related to SIEM use.
Splunk installation
Splunk Universal Forwarder Installation
Introduction to Splunk
SOC Process
SOC Roles and Responsibilities
SIEM Architecture
In this section students will learn about the various log source data, both to write better queries and to gain a thorough understanding of investigation.
Uploading Demo Logs to Splunk and firewall Log analysis
Understanding Firewall Logs
Splunk Dashboard creation - Firewall Part 1
Splunk Dashboard creation - Firewall Part 2
IDS Log Analysis
DNS Profiling Scenarios Part 1
DNS Profiling Scenarios Part 2
Understanding DNS Logs
Understanding HTTP Logs Part 1
Understanding HTTP Logs Part 2
Understanding Antivirus Logs
Understanding Windows Log
Understanding Windows Event IDs
Windows Sysmon Log Analysis
In this section we will discuss various SIEM scenarios and create some queries in splunk for the same scenarios
SIEM Use cases Part 1
SIEM Use cases Part 2
SIEM Use cases Part 3
Malware outbreak Analysis
Incident Handling stages
Introduction to threat Hunting
Threat Hunting - Scanning attack on Web Server
Threat Hunting - Brute Force Attack
Email Header Analysis
This is must-read content in the course.

In this section you will work through interview questions on networking-related concepts.

What is an IP address and how are IP addresses classified?
What is NAT and PAT?
Tell me a few port numbers that you know?
How a Firewall Works?
How VPN works?
What is Symmetric and Asymmetric Encryption?
Explain CIA triad?
What is the difference between SSL and HTTPS?
How do you stay up to date on Cyber Security news and the latest attacks?
What is the difference between a Virus and a Worm?
Explain SQL Injection Attack
What is botnet?
What is Brute Force Attack?
SIEM related interview topics
SIEM Interview Questions and Answers
SIEM Dashboard and Use cases
What are different event logs you analyze?
Students will learn answers to questions related to the SOC process and incident handling.
What is a Security Operations Center?
What are the various Security Devices used in your organization?
How does a SOC Team manage or work in an Organization?
What are the Roles and Responsibilities of SOC Engineer?
What are the fields in Sample Incident Ticket - ServiceNow ?
What are the Service Level Agreements for SOC Incidents?
What is False Positive Analysis? Or, what are the various outcomes of Analysis?
How many Logs sources are there in your organization?
What are the steps in Incident Response Life Cycle
Can you please explain what you will do after getting an alert? (Alert IR FLow)
How will you manage work in shifts?
SIEM Alert Analysis Interview Questions
How do you handle P1, P2, P3 and P4 Incidents?
What will you do if you receive a Malware Attack Alert?
How do you analyze a Brute Force Attack Alert when you receive one?
How do you analyze Phishing email attack?
How do you Analyze SQL Injection attack?
How do you analyze DDOS Attack?
How do you analyze a suspicious IP detected in outbound traffic?
Discussion on Real Time Activities
Course wrapup
Course Wrapup