Narrated ‘Ali bin Abi Talib (RA): The Prophet (RA) stood up for a funeral (to show respect) and thereafter he sat down. (Dawud)

Browse Categories

Browse Categories

EC-Council Certified SOC Analyst - CSA

4.5/5

CSA is a training and certification program that helps candidates acquire trending skills in their field through instruction by some of the most experienced professionals in the industry. The program focuses on creating new career opportunities and promoting careers while providing job-focused knowledge, useful skills and relevant capabilities to individuals who want to improve their career prospects. Being an intense 3-day program, it thoroughly covers the fundamentals of SOC operations, before relaying the knowledge of log management and correlation, SIEM deployment, advanced incident detection, and incident response. Additionally, the candidate will learn to manage various SOC processes and collaborate with CSIRT at the time of need.

EC-Council-removebg-preview

Training Options

Classroom Training

Online Instructor Led

Onsite Training

Corporate Training Options

Online Instructor Led

2

Classroom Training

undraw_building_re_xfcm 1

Onsite Training

Overseas Training

Course Information

SOC Essential Concepts

  • Computer Network Fundamentals
  • TCP/IP Protocol Suite
  • Application Layer Protocols
  • Transport Layer Protocols
  • Internet Layer Protocols
  • Link Layer Protocols
  • IP Addressing and Port Numbers
  • Network Security Controls
  • Network Security Devices
  • Windows Security
  • Unix/Linux Security
  • Web Application Fundamentals
  • Information Security Standards, Laws and Acts

Security Operations and Management

  • Security Management
  • Security Operations
  • Security Operations Center (SOC)
  • Need of SOC
  • SOC Capabilities
  • SOC Operations
  • SOC Workflow
  • Components of SOC: People, Process and Technology
  • People
  • Technology
  • Processes
  • Types of SOC Models
  • SOC Maturity Models
  • SOC Generations
  • SOC Implementation
  • SOC Key Performance Indicators
  • Challenges in Implementation of SOC
  • Best Practices for Running SOC
  • SOC vs NOC

Understanding Cyber Threats, IoCs and Attack Methodology

  • Cyber Threats
  • Intent-Motive-Goal
  • Tactics-Techniques-Procedures (TTPs)
  • Opportunity-Vulnerability-Weakness
  • Network Level Attacks
  • Host Level Attacks
  • Application Level Attacks
  • Email Security Threats
  • Understanding Indicators of Compromise
  • Understanding Attacker's Hacking Methodology

» Show More 👇

Incidents, Events and Logging

  • Incident
  • Event
  • Log
  • Typical Log Sources
  • Need of Log
  • Logging Requirements
  • Typical Log Format
  • Logging Approaches
  • Local Logging
  • Centralized Logging

Incident Detection with Security Information and Event Management (SIEM)

  • Security Information and Event Management (SIEM)
  • Security Analytics
  • Need of SIEM
  • Typical SIEM Capabilities
  • SIEM Architecture and Its Components
  • SIEM Solutions
  • SIEM Deployment
  • Incident Detection with SIEM
  • Examples of Commonly Used Use Cases Across all SIEM deployments
  • Handling Alert Triaging and Analysis

Enhanced Incident Detection with Threat Intelligence

  • Understanding Cyber Threat Intelligence
  • Why-Threat Intelligence-driven SOC?

Incident Response

  • Incident Response
  • Incident Response Team (IRT)
  • Where does IRT Fit in the Organization
  • SOC and IRT Collaboration
  • Incident Response (IR) Process Overview
  • Step 1: Preparation for Incident Response
  • Step 2: Incident Recording and Assignment
  • Step 3: Incident Triage
  • Step 4: Notification
  • Step 5: Containment
  • Step 6: Evidence Gathering and Forensic Analysis
  • Step 7: Eradication
  • Step 8: Recovery
  • Step 9: Post-Incident Activities
  • Responding to Network Security Incidents
  • Responding to Application Security Incidents
  • Responding to Email Security Incidents
  • Responding to Insider Incidents
  • Responding to Malware Incidents

» Show Less 👆

Audience Profile

SOC Analysts ( Tier I and Tier II), Cybersecurity Analysts, Entry-level cybersecurity professionals. Network and Security Administrators.

Corporate Training Options

Online Instructor Led

Live, Online Training by top Instructors and practitioners across the globe.

Onsite
Training

Conduct training at the work location you desired.

Classroom Training

The Venue will be ideally located and easy to access with covid-19 SOP's.

Overseas Training

Travel to any desired location for your training.

Upcoming Batch

Enquiry Form:

Testimonials?

Mohammed Aljbreen Operation Specialist, SAMA

The Clarity of the Content was very good. The explanation of the trainer with in-depth knowledge in a proper flow really impressed me to give 5 star rating.

Arindam Chakraborty Systems Specialist, King Abdullah University of Sciences & Technology

The Instructor was really impressive. Clear cut explanation of every topic he covered with real time scenarios.

Sher Afzal Khan Cloud Engineer, Cloud 9 Networks

The Trainer and the Course Material, both are good. Good flow of explanation with simple examples. The complete training was focused on current industry challenges.

Jawed Ahmad Siddiqui Sr. System Administrator, Saudi Ceramics

The Trainer’s presentation was impressed me to continue the course till end. Never feel bore till the entire sessions. She studied our mindset and follows.

    Not sure,
    which course to choose?

    Our Clients across the Globe!

    Our Corporate Clients

    Best Solution To Transform Your Corporate Environment.

    Our Offices.

    UAE

    Office No- 306, Galadari Mazda Building Airport Road, Garhoud, Dubai.

    SPAIN

    C / Aribau 11 2-4 08913 Badalona Barcelona,
    Spain.

    UK

    85 Skeffington Road East Ham E6 2NA,
    London.

    AUS

    Level 22, HWT Tower, 40 City Road, Southbank, Melbourne VIC 3006.

    IN

    12B, Chitrapuri Hills, Hyderabad, Telangana
    India.