Description

Hi Techies..!

Welcome to the Complete SOC Analyst Course from SiemHunters. This course has the potential to change your professional life by moving you into the defensive side of the cyber security domain. The course was created by our industrial cyber security expert Mr. Gopi Pakanati and instructor Ramya Sri Pachala.


The course content helps you level up your skills in cyber threats, endpoint protection and threat intelligence so that you can become a SOC analyst in a large MSSP organization. You will also learn ethical hacking topics and how to detect modern cyber attacks and zero-day vulnerabilities.


Course Outline:

Complete Kali Linux Command Line: Understand how attackers execute offensive commands in your infrastructure to gain unauthorized access.

Advanced Cyber Threats: Understand the latest threats and attacks across the modern attack surface.

Introduction to SOC: Understand the basic terminology of a SOC and its infrastructure.

Local Logging & IOC: Understand local log locations on different operating systems and work with Event Viewer to understand Windows-level logs and events.

SIEM Deployment: Understand Splunk Enterprise deployment (Universal Forwarder and Heavy Forwarder) along with the configuration of the inputs, outputs and transforms files.

SIEM Use Cases: Understand how to create use cases for threats in order to identify malicious activity.

SIEM Investigations: Investigate the latest threats at the web application, network and endpoint level.

Threat Intelligence: Use threat intelligence to gather adversaries' tactics and techniques through strategic, operational, tactical and technical intelligence.

Incident Response: Understand the IR steps, root cause analysis of incidents and the eradication process.

Qualys Web Application: Work with Qualys Guard to initiate scans and work with VA (vulnerability assessment) based reports.

Qualys Guard VM: Work with Qualys Guard VM to identify endpoint-level threats, work with de-install tasks, understand each vulnerability and share the report with the respective teams for resolution.


This course is designed for:


  • Anyone who wants to become a SOC analyst in an MSSP organization

  • Fresh graduates in cyber security or other fields

  • Anyone exploring cyber security in order to become a cyber expert

  • Cyber Security Analysts

  • Security Analysts

  • Cyber Security Managers

  • Anyone working with Qualys Guard VM based reports

  • IT Professionals


All the best, techies..!

What you'll learn

In this course you'll learn Security Operations Center L1 and L2 work with log integration and fine-tuning

You'll learn threat intelligence and incident response

From basic networking topics and ethical hacking topics to understanding attack and defense

Become a SOC analyst in MSSP environments with Splunk Enterprise tools

You'll learn log integration with use case creation and understand incident triage

Understand Splunk Enterprise integration and use case creation

SOC local logging, indicators of compromise and log agent integrations

Requirements

  • No prior experience needed. You will learn everything from basic networking to incident response

Course content

11 sections

Complete Kali Linux Commands for SecOps

24 lectures
Kali Linux Setup
17:05
Users management
09:53
Directories in Kali Linux
13:05
Services in Kali Linux
03:44
Servers in Kali Linux
06:12
Metasploit Framework
23:19
Important tools for Security Expert
26:15
Cat command
07:48
Cal command
04:29
cd command
07:00
cmp diff command
06:28
cp command
07:07
egrep command
08:51
File permissions command
06:35
find files by names command
05:38
grep command
09:47
ls command
05:24
mkdir command
06:05
modes command
05:46
rm command
05:53
sort command
06:20
uname command
05:41
uniq command
07:47
Who-is-logged command
03:57

SOC Fundamentals

7 lectures
Tcp/IP Model
05:20
Types of Networks (LAN, WAN, MAN, WLAN)
03:00
Application layer protocols (DNS, dns packet analysis, DNSSEC, how dns works)
11:27
Transport Layer Protocol (Tcp, UDP, SSL, TLS)
04:47
Internet layer (IP, IPv4 vs IPv6, IPsec, ARP, IGRP)
09:35
Link layer Protocols: (WEP, WPA, WPA2, CDP - CISCO, LEAP/PEAP)
06:05
Network Security devices: (Firewall, h/w Firewall, s/w firewall, types, policies)
10:28

MODULE 1 - Security Operations and Management

9 lectures
Security Management
03:44
Capabilities of SOC
02:37
Typical functions of Soc Operations
02:30
SOC Workflow
01:21
Components of SOC
04:40
Types of SOC Models
04:08
SOC Vs NOC
02:04
Security Operations
04:03
Need of SOC
01:45

Understanding Common Security Threats

21 lectures
Nessus VA
10:07
Dumping & Cracking SAM hashes to extract plaintext passwords
07:44
Windows Registry entry monitoring for suspicious activities
05:54
Startup program monitoring tool
04:40
Spoofing MAC addresses using SMAC
05:34
Detecting ARP attacks
04:43
DOS attack - SYN flood attack using hping3
04:41
Snort IDS - Detecting intrusions
30:52
Bypass windows firewall using NMAP evasion techniques
06:05
Bypassing Firewall rules using HTTP/FTP Tunneling
18:45
Cracking FTP credentials using Dictionary attack
06:13
Exploiting parameter tampering and XSS Vulnerabilities
08:24
Exploiting RCE - Remote code execution vulnerabilities
10:52
Exploiting LFI&RFI Vulnerabilities
11:03
Exploiting CSRF attacks
11:52
Exploiting SQL injection attacks - Practical approach
13:37
Exploiting MSSQL using webshell to extract databases (Exfiltration)
10:42
Wireless Packet analysis using Wireshark
03:28
Cryptography - Calculate the hashes using the Hashcalc
03:39
Cryptography - calculate the hashes using MD5 hash calculator
01:44
Cryptography - Basic Disk encryption using the Veracrypt
06:10

MODULE 2 - Understanding Cyber Threats, IoCs, and Attack Methodology

19 lectures
Cyber Threats
05:41
Intent-Motive-Goal
01:48
Tactics-Techniques-Procedures
01:51
Opportunity-Vulnerability-Weakness
02:24
Network Level Attacks 1
09:12
Network Level Attacks - 2
06:10
Application Level Attacks
10:36
Host, Application Level Attacks
05:30
Network, Host, Application Level Attacks - 5
02:31
Cyber Threat IoCs
12:31
Malware Threats IOC - 2
08:33
Hacking Methodologies
08:00
CSA Brute Force demo
07:46
CSA Proxy Switcher demo
04:20
lab 1 - Understanding the Working of SQL Injection Attacks
05:49
lab 2 - Understanding the Working of XSS Attacks
04:07
lab 3 - Understanding the Working of Network Scanning Attacks
04:46
lab 4 - Understanding the Working of Brute Force Attacks
03:49
lab 5 - Detecting and Analyzing IoCs using Wireshark
13:59

MODULE 3 - Incidents, Events, and Logging

15 lectures
Log, Event and Incident
02:05
Centralized Logging challenges - 1
05:39
Centralized Logging challenges - 2
05:13
Typical Log Sources
00:58
Need of Log
03:01
Logging Requirements
01:40
Typical Log Format
02:37
Local Logging - 1
05:36
Local Logging - 2
09:05
Local Logging - 3
05:03
Local Logging - 4
04:23
Local Logging - 5
06:39
lab 1 - Configuring, Monitoring, and Analyzing Windows Logs
08:53
lab 2 - Configuring, Monitoring, and Analyzing IIS Logs
09:06
lab 3 - Configuring, Monitoring, and Analyzing Snort IDS Logs
22:32

MODULE 4 - Incident Detection with Security Information and Event Management

23 lectures
Need of SIEM
02:07
Typical SIEM Capabilities
03:08
SIEM Architecture and its Components
03:55
SIEM Solutions
03:14
SIEM Deployment - 1
04:46
SIEM Deployment - 2
04:45
Incident Detection with SIEM and Use Case Examples For Application Level Inciden
08:20
Use Case Examples For Insider Incident Detection
05:00
Use Case Examples For Network Level Incident Detection - 1
05:03
Use Case Examples For Network Level Incident Detection - 2
08:59
Use Case Examples For Host Level Incident Detection
05:34
Handling Alert Triaging and Analysis
06:10
splunk deployment
30:35
CSA SQL Injection Demo
05:58
XSS Attack Demo
04:41
Working with SPLUNK and SEARCH Demo
17:04
lab 1 - Host Level Incident Detection: Creating Splunk Use Case for Detecting an
10:01
lab 2 - Application Level Incident Detection: Creating Splunk Use Case for Detec
07:03
Security Information and Event Management (SIEM)
01:54
lab 2 - Application Level Incident Detection: Creating Splunk Use Case for Detec
05:53
lab 3 - Network Level Incident Detection: Creating Splunk Use Case for Detecting
12:25
lab 4 - Host Level Incident Detection: Creating ELK Use Case for Monitoring Trus
18:28
Lab 5 - Host Level Incident Detection: Creating ELK Use Case
04:36

MODULE 5 - Enhanced Incident Detection with Threat intelligence

11 lectures
Cyber Threat Intelligence (CTI)
02:37
Types of Threat Intelligence - 1
06:07
Types of Threat Intelligence - 2
04:53
Threat Intelligence-driven SOC
02:00
Benefit of Threat Intelligence to SOC Analyst
01:21
Threat Intelligence Use Cases for SOC Analyst
02:07
Integration of Threat Intelligence into SIEM
01:46
Threat Intelligence Use Cases for Enhanced Incident Response
02:13
Enhancing Incident Response by Establishing SOPs for Threat Intelligence
02:06
lab 1 - Enhanced Incident Detection with Threat Intelligence
30:11
lab 2 - Integrating OTX Threat Data in OSSIM
06:32

MODULE 6 - Incident Response

17 lectures
Incident response
03:11
SOC and IRT Collaboration
01:16
Incident Response (IR) Process Overview - 1
08:16
Incident Response (IR) Process Overview - 2
05:17
Incident Response (IR) Process Overview - 3
14:20
Incident Response (IR) Process Overview - 4
07:15
Incident Response (IR) Process Overview - 5
09:50
Responding to Network Security Incidents
09:57
Responding to Application Security Incidents
12:21
Responding to Email Security Incidents
05:12
Responding to Insider Incidents
07:53
Responding to Malware Incidents
04:34
CSA eradicating SQL and XSS Injection demo
09:54
lab 1 - Generating Tickets for Incidents
22:21
lab 2 - Eradicating SQL Injection and XSS Incidents
11:40
lab 3 - Recovering from Data Loss Incidents
18:16
lab 4 - Creating Incident Reports using OSSIM
04:51

Qualys Web Application Scanning

5 lectures
Qualys Web Application overview
01:00
Qualys Knowledge base and search lists
00:42
Basic Web application setup
07:19
Scheduled Scans
03:10
Web Application scans Sitemap
01:16

Qualys Cloud Agent & Qualys Vulnerability Management (VM)

46 lectures
Lab 1 - Cloud Agent deployment
06:20
Lab 2 - Agent Installation Components
03:00
Lab 3 - Command Line Installations Windows
10:12
Lab 4 - Command Line installations - MSI
02:36
Lab 5 - Validate CA installation & Locate HOST ID
01:06
Lab 6 - CA Log file & Troubleshoot
02:14
Lab 7 - Asset Details & Queries
04:29
Lab 8 - Windows Self-Protection feature
01:42
Lab 9 - Configuration and Tuning the cloud agent
14:52
Lab 10 - Scan-On-Demand VMDR
10:58
Lab 11 - De-Install (Activate, De-activate, Uninstall Agents)
04:05
Lab 1 - Account Setup & Application
04:49
Knowledge base & Search Lists
04:31
Lab 2 - Working with Knowledge base
05:32
Lab 3 - Working with Search Lists
04:31
Lab 4 - Working with Asset tags
07:53
Lab 5 - Working with Asset Search
05:46
Asset & Asset inventory
04:19
Asset Groups
03:39
Asset Tagging
04:28
Using Asset tags
04:32
Using Asset groups
05:13
Lab 6 - Working with Asset groups
04:13
Scan by Hostname
05:09
Vulnerability Assessment
05:07
Benefits of Vulnerability Assessment and Scanning
03:51
VM Life cycle and Sensors
06:04
Lab 7 - Working with Vulnerability Assessment
03:37
Lab 8 - Authentication Records
05:29
Lab 9 - Launch Scan
06:01
Scan Configuration
04:28
Scheduling Assessment Scans
04:30
View Scan results
03:12
Lab 10 - Scheduled Scans
03:38
User management
04:24
Lab 11 - Creating user account
03:57
Vulnerabilities Remediation
04:53
Lab 12 - Assign Vulnerability to User.
03:36
Lab 13 - Ignore Vulnerabilities
03:09
Lab 14 - Create Remediation Report
01:43
Report overview
04:01
Report overview
04:01
Lab 15 - Reporting
04:13
Lab 16 - Scheduled Reports
03:08
Lab 17 - Custom Report templates
05:47
Discounted Vouchers for CSA
00:03

Student reviews

No reviews yet