Complete SOC Analyst Course with Splunk Enterprise – 2023

سرفصل های دوره

Become a soc analyst in MSSP organizations with latest tactics and techniques | includes Splunk enterprise, Qulays Guard

1. Complete Kali Linux Commands for SecOps

1. Kali Linux Setup

2. Users management

3. Directories in Kali Linux

4. Services in Kali Linux

5. Servers in Kali Linux

6. Metasploit Framework

7. Important tools for Security Expert

8. Cat command

9. Cal command

10. cd command

11. cmp diff command

12. cp command

13. egrep command

14. File permissions command

15. find files by names command

16. grep command

17. ls command

18. mkdir command

19. modes command

20. rm command

21. sort command

22. uname command

23. uniq command

24. Who-is-logged command

2. SOC Fundamentals

1. TcpIP Model

2. Types of Networks (LAN, WAN, MAN, WALN)

3. Application layer protocols (DNS, dns packet analysis, DNSSEC, how dns works)

4. Transport Layer Protocol (Tcp, UDP, SSL, TLS)

5. Internet layer (IP, IPv4 vs IPv6, IPsec, ARP, IGRP)

6. link layer Protocols (WEP, WPA, WPA2, CDP - CISCO, LEAPPEAP,)

7. Network Security devices (Firewall, hw Firewall, sw firewall, types, policie)

3. MODULE 1 - Security Operations and Management

1. Security Management

2. Capabilities of SOC

3. Typical functions of Soc Operations

4. SOC Workflow

5. Components of SOC

6. Types of SOC Models

7. SOC Vs NOC

8. Security Operations

9. Need of SOC

4. Understanding Common Security Threats

1. Nessus VA

2. Dumping & Cracking SAM hashes to extract plaintext passwords

3. Windows Registry entry monitoring for suspicious activities

4. Startup program monitoring tool

5. Spoofing MAC addresses using SMAC

6. Detecting ARP attacks

7. DOS attack - SYN flood attack using hping3

8. Snort IDS - Detecting intrusions

9. Bypass windows firewall using NMAP evasion techniques

10. Bypassing Firewall rules using HTTPFTP Tunneling

11. Cracking FTP credentials using Dictionary attack

12. Exploiting parameter tampering and XSS Vulnerabilities

13. Exploiting RCE - Remote code execution vulnerabilities

14. Exploiting LFI&RFI Vulnerabilities

15. Exploiting CSRF attacks

16. Exploiting SQL injection attacks - Practical approach

17. Exploiting MSSQL using webshell to extract databases (Exfiltration)

18. Wireless Packet analysis using Wireshark

19. Cryptography - Calculate the hashes using the Hashcalc

20. Cryptography - calculate the hashes using MD5 hash calculator

21. Cryptography - Basic Disk encryption using the Veracrypt

5. MODULE 2 - Understanding Cyber Threats, IoCs, and and Attack Methodology

1. Cyber Threats

2. Intent-Motive-Goal

3. Tactics-Techniques-Procedures

4. Opportunity-Vulnerability-Weakness

5. Network Level Attacks 1

6. Network Level Attacks - 2

7. Application Level Attacks

8. Host,Application Level Attacks

9. Network,Host,Application Level Attacks - 5

10. Cyber Threat IoCs

11. Malware Threats IOC - 2

12. Hacking Methodologies

13. CSA Brute Force demo

14. CSA Proxy Switcher demo

15. lab 1 - Understanding the Working of SQL Injection Attacks

16. lab 2 - Understanding the Working of XSS Attacks

17. lab 3 - Understanding the Working of Network Scanning Attacks

18. lab 4 - Understanding the Working of Brute Force Attacks

19. lab 5 - Detecting and Analyzing IoCs using Wireshark

6. MODULE 3 - Incidents, Events, and Logging

1. Log , Event and Incident

2. Centralized Logging challenges - 1

3. Centralized Logging challenges - 2

4. Typical Log Sources

5. Need of Log

6. Logging Requirements

7. Typical Log Format

8. Local Logging - 1

9. Local Logging - 2

10. Local Logging - 3

11. Local Logging - 4

12. Local Logging - 5

13. lab 1 - Configuring, Monitoring, and Analyzing Windows Logs

14. lab 2 - Configuring, Monitoring, and Analyzing IIS Logs

15. lab 3 - Configuring, Monitoring, and Analyzing Snort IDS Logs

7. MODULE 4 Incident Detection with Security Information and event management

1. Need of SIEM

2. Typical SIEM Capabilities

3. SIEM Architecture and its Components

4. SIEM Solutions

5. SIEM Deployment - 1

6. SIEM Deployment - 2

7. Incident Detection with SIEM and Use Case Examples For Application Level Inciden

8. Use Case Examples For Insider Incident Detection

9. Use Case Examples For Network Level Incident Detection - 1

10. Use Case Examples For Network Level Incident Detection - 2

11. Use Case Examples For Host Level Incident Detection

12. Handling Alert Triaging and Analysis

13. splunk deployment

14. CSA SQL Injection Demo

15. XSS Attack Demo

16. Working with SPLUNK and SEARCH Demo

17. lab 1 - Host Level Incident Detection Creating Splunk Use Case for Detecting an

18. lab 2 - Application Level Incident Detection Creating Splunk Use Case for Detec

19. Security Information and Event Management (SIEM)

20. lab 2 - Application Level Incident Detection Creating Splunk Use Case for Detec

21. lab 3 - Network Level Incident Detection Creating Splunk Use Case for Detecting

22. lab 4 - Host Level Incident Detection Creating ELK Use Case for Monitoring Trus

23. Lab 5 - Host Level Incident Detection Creating ELK Use Case

8. MODULE 5 - Enhanced Incident Detection with Threat intelligence

1. Cyber Threat Intelligence (CTI)

2. Types of Threat Intelligence - 1

3. Types of Threat Intelligence - 2

4. Threat Intelligence-driven SOC

5. Benefit of Threat Intelligence to SOC Analyst

6. Threat Intelligence Use Cases for SOC Analyst

7. Integration of Threat Intelligence into SIEM

8. Threat Intelligence Use Cases for Enhanced Incident Response

9. Enhancing Incident Response by Establishing SOPs for Threat Intelligence

10. lab 1 - Enhanced Incident Detection with Threat Intelligence

11. lab 2 - Integrating OTX Threat Data in OSSIM

9. MODULE 6 - Incident Response

1. Incident response

2. SOC and IRT Collaboration

3. Incident Response (IR) Process Overview - 1

4. Incident Response (IR) Process Overview - 2

5. Incident Response (IR) Process Overview - 3

6. Incident Response (IR) Process Overview - 4

7. Incident Response (IR) Process Overview - 5

8. Responding to Network Security Incidents

9. Responding to Application Security Incidents

10. Responding to Email Security Incidents

11. Responding to an Insider Incidents

12. Responding to an Malware Incidents

13. CSA eradicating SQL and XSS Injection demo

14. lab 1 - Generating Tickets for Incidents

15. lab 2 - Eradicating SQL Injection and XSS Incidents

16. lab 3 - Recovering from Data Loss Incidents

17. lab 4 - Creating Incident Reports using OSSIM

10. Qualys Web Application Scanning

1. Qualys Web Application overview

2. Qualys Knowledge base and search lists

3. Basic Web application setup

4. Scheduled Scans

5. Web Application scans Sitemap

11. Qualys Cloud Agent & Qualys Vulnerability Management (VM)

1. Lab 1 - Cloud Agent deployment

2. Lab 2 - Agent Installation Components

3. Lab 3 - Command Line Installations Windows

4. Lab 4 - Command Line installations - MSI

5. Lab 5 - Validate CA installation & Locate HOST ID

6. Lab 6 - CA Log file & Troubleshoot

7. Lab 7 - Asset Details & Queries

8. Lab 8 - Windows Self-Protection feature

9. Lab 9 - Configuration and Tunning the cloud agent

10. Lab 10 - Scan-On-Demand VMDR

11. Lab 11 - De-Install (Activate, De-activate, Uninstall Agents)

12. Lab 1 - Account Setup & Application

13. Knowledge base & Search Lists

14. Lab 2 - Working with Knowledge base

15. Lab 3 - Working with SeachLists

16. Lab 4 - Working with Asset tags

17. Lab 5 - Working with Asset Search

18. Asset & Asset inventory

19. Asset Groups

20. Asset Tagging

21. Using Asset tags

22. Using Asset groups

23. Lab 6 - Working with Asset groups

24. Scan by Hostname

25. Vulnerability Assessment

26. Benefits of Vulnerability Assessment and Scanning

27. VM Life cycle and Sensors

28. Lab 7 - Working with Vulnerability Assessment

29. Lab 8 - Authentication Records

30. Lab 9 - Launch Scan

31. Scan Configuration

32. Scheduling Assessment Scans

33. View Scan results

34. Lab 10 - Scheduled Scans

35. User management

36. Lab 11 - Creating user account

37. Vulnerabilities Remediation

38. Lab 12 - Assign Vulnerability to User.

39. Lab 13 - Ignore Vulnerabilities

40. Lab 14 - Create Remediation Report

41. Report overview

42. Report overview

43. Lab 15 - Reporting

44. Lab 16 - Scheduled Reports

45. Lab 17 - Custom Report templates

46. Discounted Vouchers for CSA.html

53,700 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: Udemy-Training