SOC analyst 101

Training Days
  • Tuesday
  • Saturday
Training Duration
23 lessons x 2 hours
Training Hours
19:00 - 21:00
Starting Date
Thursday, July 27
Training Cost
220.000 AMD
Information Session
Tuesday, August 01, 19:00
Recommended Background
Knowledge of Computer Networking, Operating Systems and Shell Programming

Why attend?

CyHub Armenia and Microsoft Innovation Center Armenia have developed the "SOC analyst 101" training course to provide a comprehensive foundation for anyone interested in this field.
Learning SOC (Security Operations Center) analyst skills is crucial in today's digital age, where cyber attacks are becoming increasingly common and sophisticated. As more and more organizations rely on technology to conduct their operations, protecting their data, systems, and networks from potential cyber threats has become a top priority.
By learning Cybersecurity SOC analyst skills, you'll be equipped to identify and respond to potential security incidents, prevent data breaches, and minimize damage caused by cyber attacks. You'll also gain an understanding of security tools, technologies, and best practices used by cybersecurity professionals to protect critical assets and mitigate risks.

 

About the course

SOC analyst 101 is a course for people who are new to Information Security Cyber Defense. It is an accelerated training for new cyber defense team members and SOC analysts.

Students will learn the stages of security operations: how data is collected, where it is collected and how to identify threats within that data.
The language of instruction is Armenian. To enroll in the course, you will need to pass the test.

Cybersecurity SOC101.1: Overview of SOC and Tools
- Blue Team Mission
- SOC Overview
- Network Defense Concepts
- Events and Alerts
- Anomalies and Incidents
- Incident Management
- Threat Intelligence
- SIEM: Building them and Using Them
- Automation and Orchestration
- Identifying Threats
Cybersecurity SOC101.2: The Network
- Corporate Network Architecture
- Traffic Capture and Analysis
- Understanding DNS
- DNS attacks and analysis
- Understanding modern HTTP(S)
- Analyzing HTTP(S)
- SMTP and Email
- Daily Protocols
Cybersecurity SOC101.3: Logging, Endpoints and Filesystems
- Endpoint Attacks
- Defending an Endpoint
- Windows Logging
- Linux/Unix Logging
- Understanding Events
- Collection, Parsing and Normalization
- Files and File Systems
Cybersecurity SOC101.4: Analysis
- Understanding Alerts
- Mental Models for InfoSec
- Analysis Techniques
- Analysis Questions and Tactics
- OPSEC!
- Intrusion Discovery
- Incident Closing and Review
Cybersecurity SOC101.5: Analytics and Automation
- SOC++
- Applying Analytics on Logs
- Analytics Design, Testing and Sharing
- Tuning
- Automation and Orchestration
- Operational Automation, Workflow and Playbooks

The prerequisites for this course are:

  • Basic knowledge of TCP/IP,
  • Basic knowledge of Operating Systems,
  • Ability to work with the Unix command-line,
  • Basic Shell Programming knowledge,
  • Knowledge of Linux/Unix System Administration is a plus.

 

What will I be able to do after the course?

By the end of this course, you will be able to:

  • Step into a SOC with confidence
  • Perform alert triage and investigation
  • Understand daily protocols like IP, TCP, DNS, HTTP(S), ICMP, DHCP, SMB and more
  • Identify threats within your network
  • Collect logs and analyze them
  • Utilize network monitoring to catch attacks before they have an impact
  • Identify and solve common security problems

At the end of the course, you will have the skills and knowledge needed to become a valuable asset to any organization and succeed in a career as a SOC analyst.

 

About the trainer

Antranig Vartanian is the co-founder of Illuria Security and has more than 8 years of experience in cybersecurity.

How to apply?

Fill out the application form below and you will get invited to the free information session.
