Winsomesoft

SOC Analyst training

SOC Analyst Training Content

Introduction of Cyber security-SOC

• What is Cyber security and Why to lean Cyber security
• Cyber Security Carrier path
• How to become a Cyber security Engineer
• Cyber Security Certifications
• What is SOC and a Day of SOC analyst

Basics of Network and security

• What is Networking
• MAC Address & IP Address
• OSI Model and each layer explanation
• TCP IP Protocol Suite
• TCP Header
• IP header
• NAT
• PAT
• Basics of Wireshark
• What is UDP Protocol
• UDP Header and UDP header fields
• What is the ICMP Protocol
• ICMP Header and Header fields
• Common Attacks Performed with ICMP Protocol
• Protocols v/s Ports
• Basics of FTP, Telnet, SSH & SMTP
• What is ARP Protocol
• What Is HTTP & How does it works
• What is DHCP & How does it works
• What is DNS & How does it works

Types of Network Device and Working

• Routers
• Switches

Types of Network Security Devices and Working

• Firewalls
• IPS/IDS
• Proxy

Windows and Linux

• Workgroup & Domain
• Windows Password
• Windows Authentication
• Linux Basics
• Windows & Linux Logs

Malware and System Hacking

• CIA triangle
• Vulnerability, Threat and Risk
• What is Malware and Types of Malware
• SOC daily operation and task
• Use cases-Network monitoring
• Use cases-Windows

Endpoint Security

•  Endpoint Security
• Next Generation AV and endpoint protection
• Use cases
• Carbon Black
• Crowd strike

Web application Security

• OWASP
• Web application Attacks
• Use cases on Web application attacks

Common Attacks   

• DDOS
• DNS amplification attack
• IP Spoofing
• MAC Spoofing…. etc.

Security Frame work

• Cyber Kill chain
• Incident response with real world scenarios
• ATT & CK MITRE   Security framework

SIEM

• Introduction of Splunk and Arcsight
• Components of Splunk and Arcsight
• Splunk and Arcsight Architecture
• Basic Search Performing in Splunk

Top 10 Alerts and Performing analysis