وب سایت تخصصی شرکت فرین
دسته بندی دوره ها

Complete SOC Analyst Course with Splunk Enterprise – 2023

سرفصل های دوره

Become a soc analyst in MSSP organizations with latest tactics and techniques | includes Splunk enterprise, Qulays Guard


1. Complete Kali Linux Commands for SecOps
  • 1. Kali Linux Setup
  • 2. Users management
  • 3. Directories in Kali Linux
  • 4. Services in Kali Linux
  • 5. Servers in Kali Linux
  • 6. Metasploit Framework
  • 7. Important tools for Security Expert
  • 8. Cat command
  • 9. Cal command
  • 10. cd command
  • 11. cmp diff command
  • 12. cp command
  • 13. egrep command
  • 14. File permissions command
  • 15. find files by names command
  • 16. grep command
  • 17. ls command
  • 18. mkdir command
  • 19. modes command
  • 20. rm command
  • 21. sort command
  • 22. uname command
  • 23. uniq command
  • 24. Who-is-logged command

  • 2. SOC Fundamentals
  • 1. TcpIP Model
  • 2. Types of Networks (LAN, WAN, MAN, WALN)
  • 3. Application layer protocols (DNS, dns packet analysis, DNSSEC, how dns works)
  • 4. Transport Layer Protocol (Tcp, UDP, SSL, TLS)
  • 5. Internet layer (IP, IPv4 vs IPv6, IPsec, ARP, IGRP)
  • 6. link layer Protocols (WEP, WPA, WPA2, CDP - CISCO, LEAPPEAP,)
  • 7. Network Security devices (Firewall, hw Firewall, sw firewall, types, policie)

  • 3. MODULE 1 - Security Operations and Management
  • 1. Security Management
  • 2. Capabilities of SOC
  • 3. Typical functions of Soc Operations
  • 4. SOC Workflow
  • 5. Components of SOC
  • 6. Types of SOC Models
  • 7. SOC Vs NOC
  • 8. Security Operations
  • 9. Need of SOC

  • 4. Understanding Common Security Threats
  • 1. Nessus VA
  • 2. Dumping & Cracking SAM hashes to extract plaintext passwords
  • 3. Windows Registry entry monitoring for suspicious activities
  • 4. Startup program monitoring tool
  • 5. Spoofing MAC addresses using SMAC
  • 6. Detecting ARP attacks
  • 7. DOS attack - SYN flood attack using hping3
  • 8. Snort IDS - Detecting intrusions
  • 9. Bypass windows firewall using NMAP evasion techniques
  • 10. Bypassing Firewall rules using HTTPFTP Tunneling
  • 11. Cracking FTP credentials using Dictionary attack
  • 12. Exploiting parameter tampering and XSS Vulnerabilities
  • 13. Exploiting RCE - Remote code execution vulnerabilities
  • 14. Exploiting LFI&RFI Vulnerabilities
  • 15. Exploiting CSRF attacks
  • 16. Exploiting SQL injection attacks - Practical approach
  • 17. Exploiting MSSQL using webshell to extract databases (Exfiltration)
  • 18. Wireless Packet analysis using Wireshark
  • 19. Cryptography - Calculate the hashes using the Hashcalc
  • 20. Cryptography - calculate the hashes using MD5 hash calculator
  • 21. Cryptography - Basic Disk encryption using the Veracrypt

  • 5. MODULE 2 - Understanding Cyber Threats, IoCs, and and Attack Methodology
  • 1. Cyber Threats
  • 2. Intent-Motive-Goal
  • 3. Tactics-Techniques-Procedures
  • 4. Opportunity-Vulnerability-Weakness
  • 5. Network Level Attacks 1
  • 6. Network Level Attacks - 2
  • 7. Application Level Attacks
  • 8. Host,Application Level Attacks
  • 9. Network,Host,Application Level Attacks - 5
  • 10. Cyber Threat IoCs
  • 11. Malware Threats IOC - 2
  • 12. Hacking Methodologies
  • 13. CSA Brute Force demo
  • 14. CSA Proxy Switcher demo
  • 15. lab 1 - Understanding the Working of SQL Injection Attacks
  • 16. lab 2 - Understanding the Working of XSS Attacks
  • 17. lab 3 - Understanding the Working of Network Scanning Attacks
  • 18. lab 4 - Understanding the Working of Brute Force Attacks
  • 19. lab 5 - Detecting and Analyzing IoCs using Wireshark

  • 6. MODULE 3 - Incidents, Events, and Logging
  • 1. Log , Event and Incident
  • 2. Centralized Logging challenges - 1
  • 3. Centralized Logging challenges - 2
  • 4. Typical Log Sources
  • 5. Need of Log
  • 6. Logging Requirements
  • 7. Typical Log Format
  • 8. Local Logging - 1
  • 9. Local Logging - 2
  • 10. Local Logging - 3
  • 11. Local Logging - 4
  • 12. Local Logging - 5
  • 13. lab 1 - Configuring, Monitoring, and Analyzing Windows Logs
  • 14. lab 2 - Configuring, Monitoring, and Analyzing IIS Logs
  • 15. lab 3 - Configuring, Monitoring, and Analyzing Snort IDS Logs

  • 7. MODULE 4 Incident Detection with Security Information and event management
  • 1. Need of SIEM
  • 2. Typical SIEM Capabilities
  • 3. SIEM Architecture and its Components
  • 4. SIEM Solutions
  • 5. SIEM Deployment - 1
  • 6. SIEM Deployment - 2
  • 7. Incident Detection with SIEM and Use Case Examples For Application Level Inciden
  • 8. Use Case Examples For Insider Incident Detection
  • 9. Use Case Examples For Network Level Incident Detection - 1
  • 10. Use Case Examples For Network Level Incident Detection - 2
  • 11. Use Case Examples For Host Level Incident Detection
  • 12. Handling Alert Triaging and Analysis
  • 13. splunk deployment
  • 14. CSA SQL Injection Demo
  • 15. XSS Attack Demo
  • 16. Working with SPLUNK and SEARCH Demo
  • 17. lab 1 - Host Level Incident Detection Creating Splunk Use Case for Detecting an
  • 18. lab 2 - Application Level Incident Detection Creating Splunk Use Case for Detec
  • 19. Security Information and Event Management (SIEM)
  • 20. lab 2 - Application Level Incident Detection Creating Splunk Use Case for Detec
  • 21. lab 3 - Network Level Incident Detection Creating Splunk Use Case for Detecting
  • 22. lab 4 - Host Level Incident Detection Creating ELK Use Case for Monitoring Trus
  • 23. Lab 5 - Host Level Incident Detection Creating ELK Use Case

  • 8. MODULE 5 - Enhanced Incident Detection with Threat intelligence
  • 1. Cyber Threat Intelligence (CTI)
  • 2. Types of Threat Intelligence - 1
  • 3. Types of Threat Intelligence - 2
  • 4. Threat Intelligence-driven SOC
  • 5. Benefit of Threat Intelligence to SOC Analyst
  • 6. Threat Intelligence Use Cases for SOC Analyst
  • 7. Integration of Threat Intelligence into SIEM
  • 8. Threat Intelligence Use Cases for Enhanced Incident Response
  • 9. Enhancing Incident Response by Establishing SOPs for Threat Intelligence
  • 10. lab 1 - Enhanced Incident Detection with Threat Intelligence
  • 11. lab 2 - Integrating OTX Threat Data in OSSIM

  • 9. MODULE 6 - Incident Response
  • 1. Incident response
  • 2. SOC and IRT Collaboration
  • 3. Incident Response (IR) Process Overview - 1
  • 4. Incident Response (IR) Process Overview - 2
  • 5. Incident Response (IR) Process Overview - 3
  • 6. Incident Response (IR) Process Overview - 4
  • 7. Incident Response (IR) Process Overview - 5
  • 8. Responding to Network Security Incidents
  • 9. Responding to Application Security Incidents
  • 10. Responding to Email Security Incidents
  • 11. Responding to an Insider Incidents
  • 12. Responding to an Malware Incidents
  • 13. CSA eradicating SQL and XSS Injection demo
  • 14. lab 1 - Generating Tickets for Incidents
  • 15. lab 2 - Eradicating SQL Injection and XSS Incidents
  • 16. lab 3 - Recovering from Data Loss Incidents
  • 17. lab 4 - Creating Incident Reports using OSSIM

  • 10. Qualys Web Application Scanning
  • 1. Qualys Web Application overview
  • 2. Qualys Knowledge base and search lists
  • 3. Basic Web application setup
  • 4. Scheduled Scans
  • 5. Web Application scans Sitemap

  • 11. Qualys Cloud Agent & Qualys Vulnerability Management (VM)
  • 1. Lab 1 - Cloud Agent deployment
  • 2. Lab 2 - Agent Installation Components
  • 3. Lab 3 - Command Line Installations Windows
  • 4. Lab 4 - Command Line installations - MSI
  • 5. Lab 5 - Validate CA installation & Locate HOST ID
  • 6. Lab 6 - CA Log file & Troubleshoot
  • 7. Lab 7 - Asset Details & Queries
  • 8. Lab 8 - Windows Self-Protection feature
  • 9. Lab 9 - Configuration and Tunning the cloud agent
  • 10. Lab 10 - Scan-On-Demand VMDR
  • 11. Lab 11 - De-Install (Activate, De-activate, Uninstall Agents)
  • 12. Lab 1 - Account Setup & Application
  • 13. Knowledge base & Search Lists
  • 14. Lab 2 - Working with Knowledge base
  • 15. Lab 3 - Working with SeachLists
  • 16. Lab 4 - Working with Asset tags
  • 17. Lab 5 - Working with Asset Search
  • 18. Asset & Asset inventory
  • 19. Asset Groups
  • 20. Asset Tagging
  • 21. Using Asset tags
  • 22. Using Asset groups
  • 23. Lab 6 - Working with Asset groups
  • 24. Scan by Hostname
  • 25. Vulnerability Assessment
  • 26. Benefits of Vulnerability Assessment and Scanning
  • 27. VM Life cycle and Sensors
  • 28. Lab 7 - Working with Vulnerability Assessment
  • 29. Lab 8 - Authentication Records
  • 30. Lab 9 - Launch Scan
  • 31. Scan Configuration
  • 32. Scheduling Assessment Scans
  • 33. View Scan results
  • 34. Lab 10 - Scheduled Scans
  • 35. User management
  • 36. Lab 11 - Creating user account
  • 37. Vulnerabilities Remediation
  • 38. Lab 12 - Assign Vulnerability to User.
  • 39. Lab 13 - Ignore Vulnerabilities
  • 40. Lab 14 - Create Remediation Report
  • 41. Report overview
  • 42. Report overview
  • 43. Lab 15 - Reporting
  • 44. Lab 16 - Scheduled Reports
  • 45. Lab 17 - Custom Report templates
  • 46. Discounted Vouchers for CSA.html
  • 139,000 تومان
    بیش از یک محصول به صورت دانلودی میخواهید؟ محصول را به سبد خرید اضافه کنید.
    خرید دانلودی فوری

    در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

    ایمیل شما:
    تولید کننده:
    شناسه: 17048
    حجم: 10382 مگابایت
    مدت زمان: 1313 دقیقه
    تاریخ انتشار: 8 مرداد 1402
    طراحی سایت و خدمات سئو

    139,000 تومان
    افزودن به سبد خرید