Course Description
The Certified SOC Analyst (CSA) program is the first step to joining a security operations center (SOC). It is engineered for current and aspiring Tier I and Tier II SOC analysts to achieve proficiency in performing entry-level and intermediate-level operations.
CSA is a training and credentialing program that helps the candidate acquire trending and in-demand technical skills through instruction by some of the most experienced trainers in the industry. The program focuses on creating new career opportunities through extensive, meticulous knowledge with enhanced level capabilities for dynamically contributing to a SOC team. Being an intense 3-day program, it thoroughly covers the fundamentals of SOC operations, before relaying the knowledge of log management and correlation, SIEM deployment, advanced incident detection, and incident response. Additionally, the candidate will learn to manage various SOC processes and collaborate with CSIRT at the time of need.
Program Objectives
- Security Operations and Management
- Understanding Cyber Threats, IoCs, and Attack
Methodology - Incidents, Events, and Logging
- Incident Detection with Security Information and
Event Management (SIEM) - Enhanced Incident Detection with Threat
Intelligence - Incident Response
Exam Details
Exam name : Certified SOC Analyst (312-39) Exam
Number of Questions: 100
Passing Score: 70%
Test Duration: 3 Hours
Test Format: Multiple Choice
Exam Eligibility Requirement
The CSA program requires a candidate to have 1 year of work experience in the Network Admin/ Security domain and should be able to provide proof of the same as validated through the application process unless the candidate attends official training.
Course Features
- Lectures 34
- Quizzes 0
- Duration 24 hours
- Skill level All levels
- Language English
- Students 538
- Assessments Yes
Curriculum
- 6 Sections
- 34 Lessons
- 10 Weeks
- 1.Security Operations andManagement3
- 2.Understanding Cyber Threats,IoCs, and Attack Methodology6
- 3.Incidents, Events, and Logging3
- 4.Incident Detection withSecurity Information and EventManagement (SIEM)9
- 4.1Understand the Basic Concepts of Security Information and Event Management (SIEM)
- 4.2Discuss the Different SIEM Solutions
- 4.3Understand the SIEM Deployment
- 4.4Learn Different Use Case Examples for Application Level Incident Detection
- 4.5Learn Different Use Case Examples for Insider Incident Detection
- 4.6Learn Different Use Case Examples for Network Level Incident Detection
- 4.7Learn Different Use Case Examples for Host Level Incident Detection
- 4.8Learn Different Use Case Examples for Compliance
- 4.9Understand the Concept of Handling Alert Triaging and Analysis
- 5.Enhanced Incident Detectionwith Threat Intelligence6
- 5.1Learn Fundamental Concepts on Threat Intelligence
- 5.2Learn Different Types of Threat Intelligence
- 5.3Understand How Threat Intelligence Strategy is Developed
- 5.4Learn Different Threat Intelligence Sources from which Intelligence can be Obtained
- 5.5Learn Different Threat Intelligence Platform (TIP)
- 5.6Understand the Need of Threat Intelligence-driven SOC
- 6.Incident Response7
- 6.1Understand the Fundamental Concepts of Incident Response
- 6.2Learn Various Phases in Incident Response Process
- 6.3Learn How to Respond to Network Security Incidents
- 6.4Learn How to Respond to Application Security Incidents
- 6.5Learn How to Respond to Email Security Incidents
- 6.6Learn How to Respond to Insider Incidents
- 6.7Learn How to Respond to Malware Incidents
