Certified SOC Analyst

The CSA program is the first step to joining a security operations center (SOC). It is engineered for current and aspiring Tier I and Tier II SOC analysts to achieve proficiency in performing entry-level and intermediate-level operations.

Target Group

A SOC Analyst continuously monitors and detects potential threats, triages the alerts, and appropriately escalates them. Without a SOC analyst, processes such as monitoring, detection, analysis, and triaging will lose their effectiveness, ultimately negatively affecting the organization.

  • SOC Analysts
  • Cybersecurity Analyst
  • Network Defense Analyst
  • Network Defense Technicians
  • Network and Security Engineers
  • Network and Security Administrators
  • Anyone who wants to become a SOC Analyst

Learning Objectives

  • Gain knowledge of Incident Response Process
  • To acquire trending and in-demand technical skills
  • Plan, organize, and perform threat monitoring and analysis in the enterprise
  • To learn to manage various SOC processes and collaborate with CSIRT at the time of need

What is CSA

The lab-intensive CSA program emphasizes the holistic approach to deliver elementary as well as advanced knowledge of how to identify and validate intrusion attempts. Through this, the candidate will learn to use SIEM solutions and predictive capabilities using threat intelligence. 

CSA is a training and credentialing program that helps the candidate acquire trending and in-demand technical skills through instruction by some of the most experienced trainers in the industry.

CERTIFIED SOC ANALYST (CSA)

NASCIO, representing the Chief Information Officers of the States, revealed in a survey spanning over a year (July 2016 – December 2017) that “since the creation of the SOC, the security division has seen an overall 64 percent decrease in incident response time.”

Prerequisites

The CSA program requires a candidate to have 1 year of work experience in the Network Admin/Security domain. The candidate should be able to provide proof of this experience, validated through the application process, unless the candidate attends official training.

Schedule

Day One

  • 09:00 – 10:30

    Security Operations and Management

    • SOC
    • Security Operations
    • Security Management
    • Need of SOC

  • 10:30 – 10:45

    Coffee break

  • 10:45 – 12:15
    • SOC Workflow
    • SOC Capabilities
    • SOC Operations

  • 12:15 – 13:15

    Lunch

  • 13:15 – 14:45

    Understanding Cyber Threats, IoCs, and Attack Methodology

    • Cyber Threats
    • Intent - motive - goal
    • Tactics - techniques - procedures
    • Opportunity - vulnerability - weakness
  • 14:45 – 15:00

    Coffee break

  • 15:00 – 17:00
    • Network level attacks
    • Host level attacks
    • Application level attacks
    • Email security threats
    • Understanding IoCs
    • Understanding attackers' hacking methodology

Day Two

  • 08:00 – 10:30

    Incidents, Events, and Logging

    • Incident
    • Event
    • Log
    • Typical log sources
    • Need of log
    • Logging requirements
    • Typical Log format
  • 10:30 – 10:45

    Coffee break

  • 10:45 – 12:15
    • Local logging
    • Logging approaches
    • Centralized logging


  • 12:15 – 13:15

    Lunch

  • 13:15 – 14:45

    Incident Detection with Security Information and Event Management (SIEM)

    • SIEM
    • Security analytics
    • Need of SIEM
    • Typical SIEM Capabilities
    • SIEM Architecture and Its Components
    • SIEM Solutions
  • 14:45 – 15:00

    Coffee break

  • 15:00 – 17:00
    • SIEM Deployment
    • Incident Detection with SIEM
    • Examples of Commonly Used Use Cases Across All SIEM Deployments
    • Handling Alert Triaging and Analysis

Day Three

  • 09:00 – 10:30

    Enhanced Incident Detection with Threat Intelligence

    • Understanding CTI
    • Why threat intelligence-driven SOC
  • 10:30 – 10:45

    Coffee break

  • 10:45 – 12:15

    Incident Response

    • Incident Response Team (IRT)
    • Where Does IRT Fit in the Organization
    • SOC and IRT Collaboration
    • IR process overview
  • 12:15 – 13:15

    Lunch

  • 13:15 – 14:45
    • Preparation for Incident Response
    • Incident Recording and Assignment
    • Incident triage
    • Notification
    • Containment


  • 14:45 – 15:00

    Coffee break

  • 15:00 – 17:00
    • Evidence gathering and Forensic Analysis
    • Eradication
    • Recovery
    • Post Incident Activities
    • Responding to Network Security Incidents

  • Block length: 90 minutes
  • Teaching hours: 24
  • Refreshments: yes
  • Exam

Certification

After the completion of the CSA training, candidates will be ready to attempt the Certified SOC Analyst exam. 

Upon successful completion of the exam, with a score of at least 70%, the candidate will be entitled to the CSA certificate and membership privileges. Members are expected to adhere to recertification requirements through EC-Council’s Continuing Education Requirements.

Exam Format

The CSA exam is designed to test and validate a candidate’s comprehensive understanding of the job tasks required of a SOC analyst, thereby validating their comprehensive understanding of a complete SOC workflow.

  • Duration: 3 hours
  • Passing score: 70%
  • Number of questions: 100
  • Test format: Multiple Choice
  • Availability: EC-Council Exam Portal
