Become a SOC Analyst – Level 2

سرفصل های دوره

1. NMAP

1.1 Nmap - What It Is and Why Its Important - NM
1.2 About the Instructor - NM
1.3 Course Overview and Prerequisites - NM
1.4 Ethics and Legality of Scanning - NM

2.1 Installing Nmap on Windows - NM
2.2 Installing Nmap on Linux - NM
2.3 Installing Nmap on Mac - NM
2.4 Kali Linux - A Hackers Best Friend - NM
2.5 Kali Linux Lab - Running it Live - NM
2.6 Removing Nmap from Windows - NM
2.7 Removing Nmap from Linux - NM
2.8 Removing Nmap from Mac - NM
2.9 Getting Help - NM
2.10 Phases of the Nmap Scan - NM
2.11 Constructing an Nmap Scan - NM
2.12 Constructing an Nmap Scan Lab Part 1 - NM
2.13 Constructing an Nmap Scan Lab Part 2 - NM
2.14 General Considerations - NM
2.15 Custom Scan Profiles Part 1 - NM
2.16 Custom Scan Profiles Part 2 - NM

3.1 IPv4 for Nmap - NM
3.2 IP, TCP, UDP, and ICMP Headers - NM
3.3 Nmap and Wireshark Part 1 - NM
3.4 Nmap and Wireshark Part 2 - NM
3.5 Nmap & IPv6 - NM

4.1 Target Specification Review+ - NM
4.2 Target Specification Lab Part 1 - NM
4.3 Target Specification Lab Part 2 - NM
4.4 Scan Techniques - NM
4.5 Scan Techniques Lab - NM
4.6 Host Discovery Part 1 - NM
4.7 Host Discovery Part 2 - NM
4.8 TCP & UDP Port Scanning - NM
4.9 TCP & UDP Port Scanning Lab Part 1 - NM
4.10 TCP & UDP Port Scanning Lab Part 2
4.11 Service and Application Version Detection Part 1 - NM
4.12 Service and Application Version Detection Part 2 - NM
4.13 Operating System Detection and Fingerprinting Part 1 - NM
4.14 Operating System Detection and Fingerprinting Part 2 - NM
4.15 NSE, Vulnerability Testing & Exploitation Part 1 - NM
4.16 NSE, Vulnerability Testing & Exploitation Part 2 - NM
4.17 NSE, Vulnerability Testing & Exploitation - NM
4.18 Timing and Performance Part 1 - NM
4.19 Timing and Performance Part 2 - NM

Glossary.pdf
Study Guide.pdf
Syllabus and Outline.pdf

2. MITRE ATT&CK Defender (MAD) ATT&CK Fundamentals Badge Training

1.1 Introduction to ATT&CK
1.2 Matrices or Platforms
1.3 Tactics
1.4 Techniques and Sub-Techniques
1.5 Mitigations
1.6 Data Sources and Detections
1.7 Groups and Software
1.8 How ATT&CK Grows and Evolves

2.1 Community Perspective
2.2 Common Language
2.3 Quantitative Scorecard
2.4 ATT&CK Navigator

3.1 Cyber Threat Intelligence
3.2 Detection and Analysis
3.3 Threat Emulation
3.4 Assessment and Engineering
3.5 Putting it all Together into Threat-Informed Defense
3.6 Course Summary

MITRE ATT CK Defender MAD ATT CK Fundamentals Badge Training Syllabus and Outline 1 .pdf

3. Application of the MITRE ATT&CK Framework

1.1 Course Overview
1.2 What is the MITRE ATT&CK Framework
1.3 Where is the MITRE ATT&CK Framework Being Used
1.4 Navigation and Review

2.1 What is Initial Access
2.2 External Remote Services
2.3 Spearphishing Link
2.4 Supply Chain Compromise Part 1
2.5 Supply Chain Compromise Part 2
2.6 Trusted Relationship
2.7 Valid Accounts Part 1
2.8 Valid Accounts Part 2
2.9 Initial Access Case Study
2.10 Module 2 Summary

3.1 What is Execution
3.2 Command Line Interface
3.3 Execution Through API
3.4 Control Panel Items
3.5 Powershell
3.6 Scripting
3.7 User Execution
3.8 Execution Case Study
3.9 Module 3 Summary

4.1 What is Persistence
4.2 Accessibility Features
4.3 Bootkit
4.4 Browser Extension
4.5 Component Firmware
4.6 Create Account
4.7 Hooking
4.8 New Service
4.9 Persistence Case Study
4.10 Module 4 Summary

5.1 What is Privilege Escalation
5.2 Access Token Manipulation
5.3 Elevation Escalation with Prompt
5.4 Exploitation for Privilege Escalation
5.5 File System Permission Weakness
5.6 Scheduled Task
5.7 Sudo
5.8 Web Shell
5.9 Privilege Escalation Case Study
5.10 Module 5 Summary

6.1 What is Defense Evasion
6.2 Clear Command History
6.3 Compile After Delivery
6.4 Disabling Security Tools
6.5 Hidden Files and Directories
6.6 Hidden Users
6.7 Process Hollowing
6.8 Software Packing
6.9 Defense Evasion Case Study
6.10 Module 6 Summary

7.1 What is Credential Access
7.2 Bash History
7.3 Brute Forces
7.4 Credential Dumping
7.5 Steal Web Session Cookie
7.6 Credential Access Case Study
7.7 Module 7 Summary

8.1 What is Discovery
8.2 Account Discovery
8.3 Browser Bookmark Discovery
8.4 System Owner or User Discovery
8.5 Discovery Case Study
8.6 Module 8 Summary

9.1 What is Lateral Movement
9.2 Application Deployment Software
9.3 Exploitation of Remote Services
9.4 SSH Hijacking
9.5 Lateral Movement Case Study
9.6 Module 9 Summary

10.1 What is Collection
10.2 Audio Capture
10.3 Clipboard Data
10.4 Data from Local System
10.5 Collection Case Study
10.6 Module 10 Summary

11.1 What is Command Control
11.2 Commonly Used Port
11.3 Custom Command and Control Protocol
11.4 Uncommonly Used Ports
11.5 Command and Control Case Study
11.6 Module 11 Summary

12.1 What is Exfiltration
12.2 Automated Exfiltration
12.3 Data Compressed
12.4 Data Transfer Size or Limits
12.5 Exfiltration Case Study
12.6 Module 12 Summary

13.1 What is Impact
13.2 Account Access Removal
13.3 Defacement
13.4 Impact Case Study
13.5 Module 13 Summary

14.1 Course Summary

Application of the MITRE Attack Framework Glossary 1 .pdf
Application of the MITRE Attack Framework Study Guide 2 1 .pdf
Application of the MITRE Attack Framework Syllabus and Outline.pdf

4. Advanced Cyber Threat Intelligence

1.1 Course Introduction
1.2 Introduction to the Intelligence Lifecycle

2.1 Introduction to Data Collection
2.2 Internal Data Acquisition
2.3 External Data Sources
2.4 Private Data Sources Part 1
2.5 Private Data Sources Part 2
2.6 Community Data Sources
2.7 Public Data Sources Part 1
2.8 Public Data Sources Part 2
2.9 Leveraging OSINT Part 1
2.10 Leveraging OSINT Part 2

3.1 Introduction to Data Processing
3.2 Common CTI Standards Part 1
3.3 Common CTI Standards Part 2
3.4 Storage and Integration
3.5 Threat Intelligence Platforms

4.1 Introduction to Analysis
4.2 Analysis of Competing Hypothesis
4.3 Cyber Kill Chain and Diamond Model
4.4 Cyber Kill Chain and Courses of Action Matrix

5.1 Introduction to Campaigns
5.2 Heatmap Analysis
5.3 Visual Analysis
5.4 MITRE ATT&CK and the MITRE Threat Groups Track
5.5 Threat Intelligence Naming Conventions

6.1 Introduction to Attribution
6.2 Cognitive Biases
6.3 Logical Fallacies
6.4 How to Manage Biases
6.5 Nation-State Attribution Part 1
6.6 Nation-State Attribution Part 2

7.1 Introduction to Dissemination
7.2 Tactical Intelligence
7.3 Operational Intelligence
7.4 Strategic Intelligence

8.1 Summary

Advanced Cyber Threat Intelligence Glossary 1 1 .pdf
Advanced Cyber Threat Intelligence Resources.pdf
Advanced Cyber Threat Intelligence Study Guide 1 .pdf
Advanced Cyber Threat Intelligence Syllabus and Outline 1 1 .pdf

5. Incident Response and Advanced Forensics

1.1 An Overall View of the Course
1.2 The Humans Behind Cyber Security Incidents
1.3 The Sony Hack Case Study

2.1 An Overview of Incident Response Policy
2.2 The Elements of an Incident Response Policy
2.3 The Role of Communication with Law Enforcement when it comes to security
2.4 The Different Types of Incident Response Teams
2.5 Outsourcing Considerations
2.6 The Role of the Incident Response Manager
2.7 What does an Incident Response team do

3.1 An Introduction to Incident Handling
3.2 CIRC Team Composition
3.3 Incident Response Policies
3.4 The REACT Principle
3.5 Maintaining the Integrity of the Scene following an incident
3.6 The Respond Part of Incident Response

4.1 An Introduction to legal considerations of incident response
4.2 Expectation of Privacy
4.3 Personally Identifiable Information (PII)
4.4 Giving notice to individuals
4.5 Benefits of Information Sharing

5.1 Forensics in Support of an Incident Response
5.2 The Phases of Investigation
5.3 The Preservation Phase of Investigation
5.4 Keys of Preservation
5.5 Volatile Data Considerations
5.6 Capturing the data
5.7 Imaging concepts
5.8 Volatile Memory Capture
5.9 Forensics in Support of Incident Response
5.10 Formatting a disk for Incident Response
5.11 Using the FTK Imaging Software
5.12 The Forensic Acquisition of Data from a PC
5.13 Navigating the H Drive
5.14 Obtaining the Windows Bitlocker Encryption Keys
5.15 Obtaining the Windows Bitlocker Encryption Keys (continued)
5.16 The Autopsy Program

6.1 What is Insider Threat
6.2 American Superconductor Case Study
6.3 Indicators to identify an insider threat
6.4 Using Automated processes to look for indicators of in insider threats
6.5 Policy Enforcement
6.6 Policies and procedures
6.7 Policies and procedures (continued)
6.8 Policies and procedures (continued)

7.1 Malware incidents
7.2 Setting up a Virtual Machine
7.3 Dynamic Analysis

8.1 Incident Recovery
8.2 Resiliency - The Answer to the Cyber Security Paradox

6. Incident Response Recovery

1.1 Incident Recovery
1.2 Incident Documentation
1.3 Legal Concerns
1.4 Lessons Learned Part 1
1.5 Lessons Learned Part 2

7. Computer Hacking and Forensics

1.1 Course Introduction
1.2 Computer Forensics Today Part 1
1.3 Computer Forensics Today Part 2
1.4 Computer Forensics Today Part 3
1.5 Analyze Photos Lab Part 1
1.6 Analyze Photos Lab Part 2
1.7 Analyze Photos Lab Part 3

2.1 Computer Forensics Investigation Process Part 1
2.2 Computer Forensics Investigation Process Part 2

3.1 Hard Disks and File Systems Part 1
3.2 Hard Disks and File Systems Part 2
3.3 Hard Disks and File Systems Part 3
3.4 Hard Disks and File Systems Part 4
3.5 Hard Disks and File Systems Part 5
3.6 Hard Disks and File Systems Part 6
3.7 Recovering Graphics Files Lab Part 1
3.8 Recovering Graphics Files Lab Part 2
3.9 Recovering Graphics Files Lab Part 3

4.1 Data Acquisition Part 1
4.2 Data Acquisition Part 2
4.3 Forensics Lab Part 1
4.4 Forensics Lab Part 2

5.1 Anti-Forensics Techniques Part 1
5.2 Anti-Forensics Techniques Part 2

6.1 Operating System Forensics Part 1 (FI)
6.2 Operating System Forensics Part 2 (FI)
6.3 Operating System Forensics Part 3 (FI)

7.1 Network Forensics

8.1 Web Attack Investigation Part 1
8.2 Web Attack Investigation Part 2
8.3 Web Attack Investigation Part 3

9.1 Database Forensics

10.1 Forensics with the Cloud Part 1
10.2 Forensics with the Cloud Part 2

11.1 Malware Part 1 (FI)
11.2 Malware Part 2 (FI)
11.3 Malware Part 3 (FI)

12.1 Email Investigation Part 1
12.2 Email Investigation Part 2

13.1 Mobile Part 1
13.2 Mobile Part 2
13.3 Mobile Part 3
13.4 Mobile Part 4
13.5 Mobile Part 5

14.1 Forensic Reporting

15.1 Course Summary

CHF Additional Tools to Know.pdf
CHF Cisco Router Log Information.pdf
CHF Course Notes.pdf
CHF Glossary.pdf
CHF Module 1 - Analyze Photos Lab - Step by Step Guide.pdf
CHF Module 3 - Recovering Graphics Files Lab - Step by Step Guide.pdf
CHF Module 4 - Live Data Acquisition Lab - Step by Step Guide.pdf
CHF Recommended Labs.pdf
CHF Study Guide.pdf
CHF Syllabus & Outline.pdf
CHF Tool Notes.pdf

45,900 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

شناسه: 26393

حجم: 7375 مگابایت

مدت زمان: 2025 دقیقه

تاریخ انتشار: 26 آذر 1402