Certified SOC Analyst

The CSA program is the first step to joining a security operations center (SOC). It is engineered for current and aspiring Tier I and Tier II SOC analysts to achieve proficiency in performing entry-level and intermediate-level operations.

Virtual Training or e-Learning?

We are flexible enough that you can choose between in-person dates and online courses.

Try a live course virtually

Target Group

A SOC Analyst continuously monitors and detects potential threats, triages the alerts, and appropriately escalates them. Without a SOC analyst, processes such as monitoring, detection, analysis, and triaging will lose their effectiveness, ultimately negatively affecting the organization.

  • SOC Analysts
  • Cybersecurity Analyst
  • Network Defense Analyst
  • Network Defense Technicians
  • Network and Security Engineers
  • Network and Security Administrators
  • Anyone who wants to become a SOC Analyst

Learning Objectives

  • Gain knowledge of Incident Response Process
  • To acquire trending and in-demand technical skills
  • Plan, organize, and perform threat monitoring and analysis in the enterprise
  • To learn to manage various SOC processes and collaborate with CSIRT at the time of need

What is CSA

The lab-intensive CSA program emphasizes the holistic approach to deliver elementary as well as advanced knowledge of how to identify and validate intrusion attempts. Through this, the candidate will learn to use SIEM solutions and predictive capabilities using threat intelligence. 

CSA is a training and credentialing program that helps the candidate acquire trending and in-demand technical skills through instruction by some of the most experienced trainers in the industry.

Certification

Certificate | Certified SOC Analyst

Prerequisites

The CSA program requires a candidate to have 1 year of work experience in the Network Admin/Security domain and to be able to provide proof of it, validated through the application process, unless the candidate attends official training.

Schedule

Day One

08:00 – 10:30

Incidents, Events, and Logging

  • Incident
  • Event
  • Log
  • Typical log sources
  • Need of log
  • Logging requirements
  • Typical Log format

10:30 – 10:45

Coffee break

10:45 – 12:15

  • Local logging
  • Logging approaches
  • Centralized logging

12:15 – 13:15

Lunch

13:15 – 14:45

Incident Detection with Security Information and Event Management (SIEM)

  • SIEM
  • Security analytics
  • Need of SIEM
  • Typical SIEM Capabilities
  • SIEM Architecture and Its Components
  • SIEM Solutions

14:45 – 15:00

Coffee break

15:00 – 17:00

  • SIEM Deployment
  • Incident Detection with SIEM
  • Examples of Commonly Used Use Cases Across All SIEM Deployments
  • Handling Alert Triaging and Analysis

Day Two

09:00 – 10:30

Security Operations and Management

  • SOC
  • Security Operations
  • Security Management
  • Need of SOC

10:30 – 10:45

Coffee break

10:45 – 12:15

  • SOC Workflow
  • SOC Capabilities
  • SOC Operations

12:15 – 13:15

Lunch

13:15 – 14:45

Understanding Cyber Threats, IoCs, and Attack Methodology

  • Cyber Threats
  • Intent - motive - goal
  • Tactics - techniques - procedures
  • Opportunity - vulnerability - weakness

14:45 – 15:00

Coffee break

15:00 – 17:00

  • Network level attacks
  • Host level attacks
  • Application level attacks
  • Email security threats
  • Understanding IoCs
  • Understanding attackers' hacking methodology

Day Three

09:00 – 10:30

Enhanced Incident Detection with Threat Intelligence

  • Understanding CTI
  • Why threat intelligence-driven SOC

10:30 – 10:45

Coffee break

10:45 – 12:15

Incident Response

  • Incident Response Team (IRT)
  • Where Does IRT Fit in the Organization
  • SOC and IRT Collaboration
  • IR process overview

12:15 – 13:15

Lunch

13:15 – 14:45

  • Preparation for Incident Response
  • Incident Recording and Assignment
  • Incident triage
  • Notification
  • Containment

14:45 – 15:00

Coffee break

15:00 – 17:00

  • Evidence gathering and Forensic Analysis
  • Eradication
  • Recovery
  • Post Incident Activities
  • Responding to Network Security Incidents

CSA is a training and credentialing program that helps the candidate acquire trending and in-demand technical skills through instruction by some of the most experienced trainers in the industry.

  • Block length: 90 minutes
  • Teaching hours: 24 hours
  • Refreshments: YES
  • Exam

Certificate

After the completion of the CSA training, candidates will be ready to attempt the Certified SOC Analyst exam. 

Upon successful completion of the exam, with a score of at least 70%, the candidate will be entitled to the CSA certificate and membership privileges. Members are expected to adhere to recertification requirements through EC-Council’s Continuing Education Requirements.

Exam Format

The CSA exam is designed to test and validate a candidate’s comprehensive understanding of the job tasks required of a SOC analyst, thereby validating their comprehensive understanding of a complete SOC workflow.

  • Duration: 3 hours
  • Passing score: 70%
  • Number of Questions: 100
  • Test format: Multiple Choice
  • Availability: EC-Council Exam Portal

Schedule

09:00 – 10:30

SOC Essential Concepts

  • Computer Network Fundamentals
  • TCP/IP Protocol Suite
  • Transport Layer Protocols

10:30 – 10:45

Coffee break

10:45 – 12:15

Network Security Controls, Devices

  • What is a firewall?

Windows Security

  • Patch Management

12:15 – 13:15

Lunch

13:15 – 14:45

Security Operations and Management

  • Security Management, Operations
  • SOC
  • SOC Capabilities

14:45 – 15:00

Coffee break

15:00 – 17:00

Understanding Cyber Threats, IoCs, and Attack Methodology

  • Network level attacks
  • Host level attacks

The Certified SOC Analyst (CSA) program is the first step to joining a security operations center (SOC). It is engineered for current and aspiring Tier I and Tier II SOC analysts to achieve proficiency in performing entry-level and intermediate-level operations.

  • Block length: 45 minutes
  • Teaching hours: 2 hours
  • Refreshments
  • Exam
