Cyber Security SOC Analyst Training SIEM Splunk 2022
What you’ll learn
Students will gain knowledge of Networking, Cyber Security and the activities of the SOC analyst role, with hands-on practicals.
There are no course prerequisites. You should know how to use the internet and a computer.
Cyber Security SOC analyst training Splunk (SIEM): for those who aspire to certify themselves as well as enhance their knowledge and skills on becoming a SOC analyst. This course is specially designed for interested candidates of all levels who want to get into SOC.

Work of a SOC analyst?

A Security Operation Center Analyst is primarily responsible for all activities that occur within the SOC. Analysts in Security Operations work with Security Engineers and SOC Managers to give situational awareness via detection, containment, and remediation of IT threats. With the increase in cyber threats and hacks, businesses are becoming more vulnerable to threats. This has significantly enhanced the importance of a SOC Analyst. For those in cybersecurity, it can be a dynamic role. SOC Analysts cooperate with other team members to detect and respond to information security incidents, develop and follow security events such as alerts, and engage in security investigations. Furthermore, SOC Analysts analyze and react to undisclosed hardware and software vulnerabilities. They also examine reports on security issues and act as ‘security advisors’ for an organization.

This course helps you to learn and implement those strategies with the training provided. This will in turn help you play a significant role in defending against cyber threats and keeping sensitive information secure.
Section 1: Course Introduction
Lecture 1 Cyber Security Analyst – Intro to Course Content
Section 2: Networking Concepts
Lecture 2 Introduction to Organization Network
Lecture 3 Introduction to Organization Network
Lecture 4 OSI Model – Application and Presentation Layer Basics
Lecture 5 OSI Model – Session, Transport, Network and Data Link Layer Basics
Lecture 6 OSI Model Recap and Public/Private Address Range
Lecture 7 Introduction to web technology
Lecture 8 Understanding HTTP protocol Part 1
Lecture 9 Understanding HTTP Part 2 and Understanding Service Ports Part 1
Lecture 10 Understanding SMB, SMTP, Telnet, SSH, FTP, MySQL Services
Lecture 11 Introduction to Windows – Types of Windows OS and Permissions
Lecture 12 Windows OS – Computer Management, Utilities
Lecture 13 In-depth on Port Numbers – Part 1
Lecture 14 In-depth on Port Numbers – Part 2
Section 3: Cyber Security Concepts
Lecture 15 Introduction to Security CIA Encryption and Hashing
Lecture 16 Defence in Depth Approach
Lecture 17 Cyber Kill Chain or Phases of Attack
Lecture 18 Brute Force Attack and Types
Lecture 19 Phishing and Spoofing Attacks
Lecture 20 DNS Tunneling Attack
Lecture 21 Malware and its Types
Lecture 22 OWASP Top 10
Section 4: Understanding Splunk, SIEM and SOC Process
Lecture 23 Splunk installation
Lecture 24 Splunk Universal Forwarder Installation
Lecture 25 Introduction to Splunk
Lecture 26 SOC Process
Lecture 27 SOC Roles and Responsibilities
Lecture 28 SIEM Architecture
Section 5: Understanding Various Logs, Dashboard and Alert creations
Lecture 29 Uploading Demo Logs to Splunk and Firewall Log Analysis
Lecture 30 Understanding Firewall Logs
Lecture 31 Splunk Dashboard creation – Firewall Part 1
Lecture 32 Splunk Dashboard creation – Firewall Part 2
Lecture 33 IDS Log Analysis
Lecture 34 DNS Profiling Scenarios Part 1
Lecture 35 DNS Profiling Scenarios Part 2
Lecture 36 Understanding DNS Logs
Lecture 37 Understanding HTTP Logs Part 1
Lecture 38 Understanding HTTP Logs Part 2
Lecture 39 Understanding Windows Log
Lecture 40 Understanding Windows Event IDs
Lecture 41 Windows Sysmon Log Analysis
Lecture 42 Understanding Antivirus Logs
Section 6: Walkthrough SIEM usecases and Incident Handling Stages
Lecture 43 SIEM Use cases Part 1
Lecture 44 SIEM Use cases Part 2
Lecture 45 SIEM Use cases Part 3
Lecture 46 Malware outbreak Analysis
Lecture 47 Incident Handling stages
Section 7: Introduction to threat Hunting
Lecture 48 Threat Hunting – Scanning attack on Web Server
Lecture 49 Threat Hunting – Brute Force Attack
Lecture 50 Email Header Analysis
Section 8: Networking and Security Interview Questions
Lecture 51 What are networking devices?
Lecture 52 What is an IP address and IP address classification?
Lecture 53 What is NAT and PAT?
Lecture 54 Tell me a few port numbers which you know.
Lecture 55 How does a Firewall work?
Lecture 56 How does a VPN work?
Lecture 57 What is Symmetric and Asymmetric Encryption?
Lecture 58 Explain CIA triad?
Lecture 59 What is the difference in between SSL and HTTPS?
Lecture 60 How do you stay up to date on Cyber Security news and the latest attacks?
Lecture 61 What is the difference between a Virus and a Worm?
Lecture 62 Explain SQL Injection Attack
Lecture 63 What is botnet?
Lecture 64 What is Brute Force Attack?
Lecture 65 SIEM related interview topics
Section 9: SIEM Interview Questions and Answers
Lecture 66 SIEM Dashboard and Use cases
Lecture 67 What are different event logs you analyze?
Section 10: SOC Process Interview Questions and Day to Day Activities
Lecture 68 What is Security Operation Center?
Lecture 69 What are the various Security Devices used in your organization?
Lecture 70 How does a SOC Team manage or work in an Organization?
Lecture 71 What are the Roles and Responsibilities of SOC Engineer?
Lecture 72 What are the fields in Sample Incident Ticket – ServiceNow ?
Lecture 73 What are the Service Level Agreements for the SOC Incidents?
Lecture 74 What is False Positive Analysis, or what are the various outcomes of Analysis?
Lecture 75 How many log sources are there in your organization?
Lecture 76 What are the steps in the Incident Response Life Cycle?
Lecture 77 Can you please explain what you will do after getting an alert? (Alert IR Flow)
Lecture 78 How will you manage work in shifts?
Lecture 79 How do you handle P1, P2, P3 and P4 Incidents?
Section 11: SIEM Alert Analysis Interview Questions
Lecture 80 How do you analyze if you receive a Brute Force Attack Alert?
Lecture 81 What will you do if you receive a Malware Attack Alert?
Lecture 82 How do you analyze Phishing email attack?
Lecture 83 How do you Analyze SQL Injection attack?
Lecture 84 How do you analyze a DDoS Attack?
Lecture 85 How do you analyze if a suspicious IP is detected in outbound traffic?
Section 12: Discussion on Real Time Activities
Lecture 86 Discussion on Real Time Activities
Section 13: Course wrapup
Lecture 87 Course Wrapup
Students who are interested in Cyber Security
Udemy | English | 87h 30m | 56.10 GB
Created by: Raghavendra Boya