SOC Professional

What is a SOC?

A Security Operations Centre (SOC) monitors an organization's systems and networks to detect threats and respond to them. Once this course is completed, you will have the skills to carry out your SOC responsibilities effectively.

Security Operation Center Fundamentals
  • Security Operations Center fundamentals
  • Key principles and objectives of a SOC
  • SOC infrastructure
  • Log management guidelines
  • Types of alerts and discovery
  • Various categories of alerts
Security Information and Event Management
  • SIEM guidelines
  • SIEM architecture
  • Aggregation and normalization
  • Log Baselining
  • Event collection and correlation
  • Gartner’s Magic Quadrant
SIEM Solutions
  • IBM QRadar
    • Components
    • Deployment
    • Configurations
    • Console best practices
    • QRadar lab practicals
  • Splunk fundamentals and log analysis
  • AlienVault OSSIM and USM fundamentals
Incident Response
  • Incident Response Plan
    • Purpose of incident response plan
    • Requirements of incident response plan
    • Preparation
  • Incident handling categories
    • Identification
    • Recording
    • Initial response
    • Communicating the incident
    • Containment
    • Formulation of response strategy
    • Classification
    • Investigation
    • Data collection
    • Forensics analysis
    • Evidence protection
    • System recovery
    • Incident documentation
    • Incident damage and cost assessment
    • Review and update policies
Incident Management
  • Incident Response Plan
    • Purpose of incident management
    • Incident management process
    • Team Building
  • Incident Response Team
    • Team role and responsibilities
    • Team Structure and Dependencies
    • Relation between IR, IH and IM
    • Incident response best practices
    • Checklist and Policies