Farin Company's specialist website

Complete SOC Analyst Course with Splunk Enterprise – 2023

Course outline

Become a SOC analyst in MSSP organizations with the latest tactics and techniques | includes Splunk Enterprise, Qualys Guard

1. Complete Kali Linux Commands for SecOps
  • 1. Kali Linux Setup
  • 2. Users management
  • 3. Directories in Kali Linux
  • 4. Services in Kali Linux
  • 5. Servers in Kali Linux
  • 6. Metasploit Framework
  • 7. Important tools for Security Expert
  • 8. Cat command
  • 9. Cal command
  • 10. cd command
  • 11. cmp diff command
  • 12. cp command
  • 13. egrep command
  • 14. File permissions command
  • 15. find files by names command
  • 16. grep command
  • 17. ls command
  • 18. mkdir command
  • 19. modes command
  • 20. rm command
  • 21. sort command
  • 22. uname command
  • 23. uniq command
  • 24. Who-is-logged command

2. SOC Fundamentals
  • 1. TCP/IP Model
  • 2. Types of Networks (LAN, WAN, MAN, WLAN)
  • 3. Application layer protocols (DNS, DNS packet analysis, DNSSEC, how DNS works)
  • 4. Transport layer protocols (TCP, UDP, SSL, TLS)
  • 5. Internet layer (IP, IPv4 vs IPv6, IPsec, ARP, IGRP)
  • 6. Link layer protocols (WEP, WPA, WPA2, CDP - Cisco, LEAP/PEAP)
  • 7. Network security devices (firewall, hardware firewall, software firewall, types, policies)

3. MODULE 1 - Security Operations and Management
  • 1. Security Management
  • 2. Capabilities of SOC
  • 3. Typical Functions of SOC Operations
  • 4. SOC Workflow
  • 5. Components of SOC
  • 6. Types of SOC Models
  • 7. SOC vs NOC
  • 8. Security Operations
  • 9. Need for a SOC

4. Understanding Common Security Threats
  • 1. Nessus VA
  • 2. Dumping & Cracking SAM hashes to extract plaintext passwords
  • 3. Windows Registry entry monitoring for suspicious activities
  • 4. Startup program monitoring tool
  • 5. Spoofing MAC addresses using SMAC
  • 6. Detecting ARP attacks
  • 7. DoS attack - SYN flood attack using hping3
  • 8. Snort IDS - Detecting intrusions
  • 9. Bypassing Windows Firewall using Nmap evasion techniques
  • 10. Bypassing firewall rules using HTTP/FTP tunneling
  • 11. Cracking FTP credentials using Dictionary attack
  • 12. Exploiting parameter tampering and XSS Vulnerabilities
  • 13. Exploiting RCE - Remote code execution vulnerabilities
  • 14. Exploiting LFI&RFI Vulnerabilities
  • 15. Exploiting CSRF attacks
  • 16. Exploiting SQL injection attacks - Practical approach
  • 17. Exploiting MSSQL using webshell to extract databases (Exfiltration)
  • 18. Wireless Packet analysis using Wireshark
  • 19. Cryptography - Calculate hashes using HashCalc
  • 20. Cryptography - Calculate hashes using MD5 hash calculator
  • 21. Cryptography - Basic disk encryption using VeraCrypt

5. MODULE 2 - Understanding Cyber Threats, IoCs, and Attack Methodology
  • 1. Cyber Threats
  • 2. Intent-Motive-Goal
  • 3. Tactics-Techniques-Procedures
  • 4. Opportunity-Vulnerability-Weakness
  • 5. Network Level Attacks 1
  • 6. Network Level Attacks - 2
  • 7. Application Level Attacks
  • 8. Host, Application Level Attacks
  • 9. Network, Host, Application Level Attacks - 5
  • 10. Cyber Threat IoCs
  • 11. Malware Threats IoC - 2
  • 12. Hacking Methodologies
  • 13. CSA Brute Force demo
  • 14. CSA Proxy Switcher demo
  • 15. lab 1 - Understanding the Working of SQL Injection Attacks
  • 16. lab 2 - Understanding the Working of XSS Attacks
  • 17. lab 3 - Understanding the Working of Network Scanning Attacks
  • 18. lab 4 - Understanding the Working of Brute Force Attacks
  • 19. lab 5 - Detecting and Analyzing IoCs using Wireshark

6. MODULE 3 - Incidents, Events, and Logging
  • 1. Log, Event and Incident
  • 2. Centralized Logging challenges - 1
  • 3. Centralized Logging challenges - 2
  • 4. Typical Log Sources
  • 5. Need for Logs
  • 6. Logging Requirements
  • 7. Typical Log Format
  • 8. Local Logging - 1
  • 9. Local Logging - 2
  • 10. Local Logging - 3
  • 11. Local Logging - 4
  • 12. Local Logging - 5
  • 13. lab 1 - Configuring, Monitoring, and Analyzing Windows Logs
  • 14. lab 2 - Configuring, Monitoring, and Analyzing IIS Logs
  • 15. lab 3 - Configuring, Monitoring, and Analyzing Snort IDS Logs

7. MODULE 4 - Incident Detection with Security Information and Event Management
  • 1. Need for SIEM
  • 2. Typical SIEM Capabilities
  • 3. SIEM Architecture and its Components
  • 4. SIEM Solutions
  • 5. SIEM Deployment - 1
  • 6. SIEM Deployment - 2
  • 7. Incident Detection with SIEM and Use Case Examples For Application Level Inciden
  • 8. Use Case Examples For Insider Incident Detection
  • 9. Use Case Examples For Network Level Incident Detection - 1
  • 10. Use Case Examples For Network Level Incident Detection - 2
  • 11. Use Case Examples For Host Level Incident Detection
  • 12. Handling Alert Triaging and Analysis
  • 13. Splunk deployment
  • 14. CSA SQL Injection Demo
  • 15. XSS Attack Demo
  • 16. Working with Splunk and Search Demo
  • 17. lab 1 - Host Level Incident Detection Creating Splunk Use Case for Detecting an
  • 18. lab 2 - Application Level Incident Detection Creating Splunk Use Case for Detec
  • 19. Security Information and Event Management (SIEM)
  • 20. lab 2 - Application Level Incident Detection Creating Splunk Use Case for Detec
  • 21. lab 3 - Network Level Incident Detection Creating Splunk Use Case for Detecting
  • 22. lab 4 - Host Level Incident Detection Creating ELK Use Case for Monitoring Trus
  • 23. Lab 5 - Host Level Incident Detection Creating ELK Use Case

8. MODULE 5 - Enhanced Incident Detection with Threat Intelligence
  • 1. Cyber Threat Intelligence (CTI)
  • 2. Types of Threat Intelligence - 1
  • 3. Types of Threat Intelligence - 2
  • 4. Threat Intelligence-driven SOC
  • 5. Benefit of Threat Intelligence to SOC Analyst
  • 6. Threat Intelligence Use Cases for SOC Analyst
  • 7. Integration of Threat Intelligence into SIEM
  • 8. Threat Intelligence Use Cases for Enhanced Incident Response
  • 9. Enhancing Incident Response by Establishing SOPs for Threat Intelligence
  • 10. lab 1 - Enhanced Incident Detection with Threat Intelligence
  • 11. lab 2 - Integrating OTX Threat Data in OSSIM

9. MODULE 6 - Incident Response
  • 1. Incident Response
  • 2. SOC and IRT Collaboration
  • 3. Incident Response (IR) Process Overview - 1
  • 4. Incident Response (IR) Process Overview - 2
  • 5. Incident Response (IR) Process Overview - 3
  • 6. Incident Response (IR) Process Overview - 4
  • 7. Incident Response (IR) Process Overview - 5
  • 8. Responding to Network Security Incidents
  • 9. Responding to Application Security Incidents
  • 10. Responding to Email Security Incidents
  • 11. Responding to Insider Incidents
  • 12. Responding to Malware Incidents
  • 13. CSA eradicating SQL and XSS Injection demo
  • 14. lab 1 - Generating Tickets for Incidents
  • 15. lab 2 - Eradicating SQL Injection and XSS Incidents
  • 16. lab 3 - Recovering from Data Loss Incidents
  • 17. lab 4 - Creating Incident Reports using OSSIM

10. Qualys Web Application Scanning
  • 1. Qualys Web Application overview
  • 2. Qualys Knowledge base and search lists
  • 3. Basic Web application setup
  • 4. Scheduled Scans
  • 5. Web Application scans Sitemap

11. Qualys Cloud Agent & Qualys Vulnerability Management (VM)
  • 1. Lab 1 - Cloud Agent deployment
  • 2. Lab 2 - Agent Installation Components
  • 3. Lab 3 - Command Line Installations Windows
  • 4. Lab 4 - Command Line installations - MSI
  • 5. Lab 5 - Validate CA installation & Locate HOST ID
  • 6. Lab 6 - CA Log file & Troubleshoot
  • 7. Lab 7 - Asset Details & Queries
  • 8. Lab 8 - Windows Self-Protection feature
  • 9. Lab 9 - Configuration and Tuning the Cloud Agent
  • 10. Lab 10 - Scan-On-Demand VMDR
  • 11. Lab 11 - De-Install (Activate, De-activate, Uninstall Agents)
  • 12. Lab 1 - Account Setup & Application
  • 13. Knowledge base & Search Lists
  • 14. Lab 2 - Working with Knowledge base
  • 15. Lab 3 - Working with Search Lists
  • 16. Lab 4 - Working with Asset tags
  • 17. Lab 5 - Working with Asset Search
  • 18. Asset & Asset inventory
  • 19. Asset Groups
  • 20. Asset Tagging
  • 21. Using Asset tags
  • 22. Using Asset groups
  • 23. Lab 6 - Working with Asset groups
  • 24. Scan by Hostname
  • 25. Vulnerability Assessment
  • 26. Benefits of Vulnerability Assessment and Scanning
  • 27. VM Life cycle and Sensors
  • 28. Lab 7 - Working with Vulnerability Assessment
  • 29. Lab 8 - Authentication Records
  • 30. Lab 9 - Launch Scan
  • 31. Scan Configuration
  • 32. Scheduling Assessment Scans
  • 33. View Scan results
  • 34. Lab 10 - Scheduled Scans
  • 35. User management
  • 36. Lab 11 - Creating user account
  • 37. Vulnerabilities Remediation
  • 38. Lab 12 - Assign Vulnerability to User.
  • 39. Lab 13 - Ignore Vulnerabilities
  • 40. Lab 14 - Create Remediation Report
  • 41. Report overview
  • 42. Report overview
  • 43. Lab 15 - Reporting
  • 44. Lab 16 - Scheduled Reports
  • 45. Lab 17 - Custom Report templates
  • 46. Discounted Vouchers for CSA

Price: 139,000 Toman
ID: 17048
Size: 10382 MB
Duration: 1313 minutes
Release date: 8 Mordad 1402