Domain 3 : Malware Analysis Introduction to Malware Analysis Why it is important What are Malwares? Types of Malwares Types of Malware Analysis Concept of Sandboxing Configuring Malware Lab Installation, Settings, Snapshots Static Analysis [Practical] PE Analysis Strings Hashing Local and Online Scanning YARA and yarGen Dynamic Analysis Introduction to SysInternals Process Monitoring Autoruns Port Monitoring Anti-Sandboxing Techniques Domain 4 : Threat Hunting Introduction to Threat Hunting Threat Hunting vs Threat Detection Incident Response & Threat Hunting Relationship Types of Hunts Threat Hunting Hypothesis Threat Hunting Model Diamond Model of Intrusion Analysis LOTL & GTFO Bins based Techniques Malware Campaigns & APTs MITRE ATT&CK Framework [Practical] Pre and Post Compromise Detection with Mitre ATT&CK Hunting Hypothesis and Methodology Network Traffic Hunting [Practical] Section Introduction HTTP and HTTPS traffic suspects Network Hunting and Forensics Wireshark, Network Miner Endpoint Hunting [Practical] Introduction Windows Processes Smss.exe Winlogon.exe Wininit.exe Services.exe Lsass.exe Svchost.exe Taskhost.exe Explorer.exe Endpoint Baselines

SOC Specialist Online Training Course

Q: SOC Operations and Architecture

Domain 1 : SOC Operations and Architecture Advance SOC Operations Building a successful SOC SOC Services: Security Monitoring, Incident Response, Security Analysis, Threat Hunting, Vulnerability Management, Log Management, Malware Analysis, etc. SOC Maturity Models, SOC-CMM SIEM and Automation SOAR EDR vs XDR MDR & MSSP Domain 2 : Incident Responder & Forensics Specialists Incident Response Process Overview Digital Forensics in Incident Response The 6 A’s of Forensics Process Anti – Forensics Techniques Evidence Destruction Volatile vs Non-Volatile Data Live Acquisition – KAPE Network Forensics [Practical] Network Traffic Analysis Post-Mortem Analysis Real-Time Analysis Tools : Wireshark, Network Miner, TCPDump, etc. Introduction to Wireshark PCAP Analysis – 1 Malware Traffic Analysis – 1 Malware Traffic Analysis – 2 System Forensics Disk Based Forensics [Practical] Concept of Disk Imaging – FTK Imager Disk Analysis with Autopsy Memory Based Forensics [Practical] Memory Acquisition – Ram Dump Introduction to Volatility Memory Analysis with Volatility Identifying Malicious Processes with Volatility

Q: SIEM – Nervous System of SOC

Domain 5 : SIEM – Nervous System of SOC Using IBM QRadar [Practical] Introduction to QRadar QRadar SIEM Component Architecture and Data Flow Using QRadar SIEM User Interface Working with Logs Working with Events of an Offense Investigating Events & Flows Developing Custom Rules Creating Reports

SOC Specialist Online Training Course [Edition 2023]

Read Reviews

The newly developed SOC Specialist training course is tailored to enhance the expertise of existing SOC Analysts in advanced SOC operations and architecture. Participants will gain insights into real-time security incident detection through monitoring and analyzing data activity. Crucial topics covered in this course include VAPT, IBM QRadar, threat hunting, and advanced SIEM concepts such as the ELK stack primer.

SOC SPECIALIST COURSE HIGHLIGHTS

Accredited By

Enroll Now

Choose Your Preferred Learning Mode

1-TO-1 TRAINING

ONLINE TRAINING

CORPORATE TRAINING

Benefits of Getting Training Clicks Certified

Industry-Recognized Expertise

Hands-On Skills

Higher Earning Potential

Career Advancement

Employer Confidence

SOC Specialist Course Description

Overview

At the heart of the organization’s security teams are SOC Specialists who detect and respond to emerging cyber threats and suspicious activities. Training Clicks offers a specialized SOC Specialist training course designed for candidates seeking to adeptly avoid, identify, assess, and respond to cybersecurity threats and incidents. This course, the second installment in a series including Part 1-SOC Analyst and Part 2-SOC Specialist, focuses on equipping participants with the latest technical skills necessary to excel in advanced SOC operations. By completing this training, participants will be better equipped to safeguard their organization’s digital assets.

Why SOC Specialist Training with Training Clicks?

Training Clicks is a globally recognized technology and security training and consulting organization, specializing in a wide array of IT security courses and services. Our SOC Specialist training program is specifically designed to cultivate advanced skills essential for Security Operation Centers. By choosing Training Clicks, you can access the following benefits:

We deliver hands-on training with Labs.
We provide a flexible training schedule.
We provide recorded videos after the session to each participant.
We provide post-training assistance.
We provide a certificate of participation to each candidate as well.
We engage with SOC Analysts to help them understand effective techniques and best practices.
We provide hands-on experience with tools like Splunk, Security Onion, AlienVault OSSIM, Wireshark, IBM QRadar CE.
We can help you present your qualifications and work experience for the position of SOC Analyst role.

Why SOC Specialist Tools covered?

FTK Imager
Autopsy
Volatility
Magnet Ram Capture
PE Studio
Mitre ATT&CK
Mitre Navigator
MxToolBox
HashCalc
Autoruns
Wireshark
Network Miner
Kali Linux
IBM QRadar
Cyber Chef
SysInternals Suite
Command Line Tools for Linux/Windows
KAPE

Target Audience

Senior SOC Consultant Incident Responder L1, L2 Cyber Security Analysts Information Security Researcher Intermediate-level Information Security role Anyone Who wants to become SOC Specialist or Expert SOC Analysts (L1, L2 or L3) SOC Administrators Security Consultants

Pre-Requisites

In-depth Knowledge of Windows and Linux Operating System Deep Knowledge of Information Security Intermediate or Expert Knowledge for SOC Operations Centre Working on L1 / L2 Role Minimum 2 years of experience in SOC InfosecTrain SOC Analyst L1 Training or Exam Clearance Advanced Operating System Concepts & Troubleshooting is recommended

SOC Specialist Course Content

SOC Operations and Architecture

Domain 1 : SOC Operations and Architecture

Advance SOC Operations
Building a successful SOC
SOC Services: Security Monitoring, Incident Response, Security Analysis, Threat Hunting, Vulnerability Management, Log Management, Malware Analysis, etc.
SOC Maturity Models, SOC-CMM
SIEM and Automation
SOAR
EDR vs XDR
MDR & MSSP

Domain 2 : Incident Responder & Forensics Specialists

Incident Response Process Overview
Digital Forensics in Incident Response
The 6 A’s of Forensics Process
Anti – Forensics Techniques
Evidence Destruction
Volatile vs Non-Volatile Data
Live Acquisition – KAPE
Network Forensics [Practical]
- Network Traffic Analysis
  - Post-Mortem Analysis
  - Real-Time Analysis
- Tools : Wireshark, Network Miner, TCPDump, etc.
- Introduction to Wireshark
- PCAP Analysis – 1
- Malware Traffic Analysis – 1
- Malware Traffic Analysis – 2
System Forensics
- Disk Based Forensics [Practical]
  - Concept of Disk Imaging – FTK Imager
  - Disk Analysis with Autopsy
- Memory Based Forensics [Practical]
  - Memory Acquisition – Ram Dump
  - Introduction to Volatility
  - Memory Analysis with Volatility
  - Identifying Malicious Processes with Volatility

Malware Analysis

Domain 3 : Malware Analysis

Introduction to Malware Analysis
- Why it is important
What are Malwares?
Types of Malwares
Types of Malware Analysis
Concept of Sandboxing
Configuring Malware Lab
- Installation, Settings, Snapshots
Static Analysis [Practical]
- PE Analysis
- Strings
- Hashing
- Local and Online Scanning
- YARA and yarGen
Dynamic Analysis
- Introduction to SysInternals
- Process Monitoring
- Autoruns
- Port Monitoring
- Anti-Sandboxing Techniques

Domain 4 : Threat Hunting

Introduction to Threat Hunting
Threat Hunting vs Threat Detection
Incident Response & Threat Hunting Relationship
Types of Hunts
Threat Hunting Hypothesis
Threat Hunting Model
Diamond Model of Intrusion Analysis
LOTL & GTFO Bins based Techniques
Malware Campaigns & APTs
MITRE ATT&CK Framework [Practical]
- Pre and Post Compromise Detection with Mitre ATT&CK
- Hunting Hypothesis and Methodology
Network Traffic Hunting [Practical]
- Section Introduction
- HTTP and HTTPS traffic suspects
- Network Hunting and Forensics
- Wireshark, Network Miner
Endpoint Hunting [Practical]
- Introduction
- Windows Processes
  - Smss.exe
  - Winlogon.exe
  - Wininit.exe
  - Services.exe
  - Lsass.exe
  - Svchost.exe
  - Taskhost.exe
  - Explorer.exe
- Endpoint Baselines

SIEM – Nervous System of SOC

Domain 5 : SIEM – Nervous System of SOC

Using IBM QRadar [Practical]
- Introduction to QRadar
- QRadar SIEM Component Architecture and Data Flow
- Using QRadar SIEM User Interface
- Working with Logs
- Working with Events of an Offense
- Investigating Events & Flows
- Developing Custom Rules
- Creating Reports

Need Customized Curriculum?

GET A FREE DEMO CLASS

24/7 Support

9145004817

Send Email

admin@trainingclicks.in

Related Courses

SOC Expert Combo Online Training Course

SOC Analyst Online Training Course

Review's Of Clients

We take immense pride in the glowing reviews of our clients, a testament to the unparalleled quality of our services and the trust they place in our expertise to meet their unique needs.

My experience with Training Clicks’ Cyber Security course was exceptional. The curriculum was comprehensive, covering a wide range of topics with depth and clarity. The instructors were highly knowledgeable and provided valuable insights into the latest cyber threats and defense strategies.

 5/5

Training Clicks’ Cloud Security course exceeded my expectations. The content was relevant and up-to-date, providing a thorough understanding of cloud security principles and best practices. The instructors were skilled. I highly recommend this course to anyone looking to strengthen their knowledge of cloud security and advance their career in this field.

 4/5

Enrolling in Training Clicks’ Defensive Security course was undoubtedly one of the best decisions I’ve made for my career. The course content was comprehensive, delving deep into various defensive strategies and techniques to protect against cyber threats.