
Certified Security Operations Center Analyst (CSA)
The Certified SOC Analyst (CSA) course from Ethnus Codemithra is the first step an aspirant needs to take to join a security operations centre (SOC). Designed for current and aspiring Tier I and Tier II SOC analysts, the course helps them achieve proficiency in performing entry-level and intermediate-level operations. The course also prepares you for the EC-Council Certified SOC Analyst exam.
Content
Module 1 – Security Operations and Management
Module 2 – Understanding Cyber Threats, IoCs, and Attack Methodology
Module 3 – Incidents, Events, and Logging
Module 4 – Incident Detection with Security Information and Event Management (SIEM)
- Fundamentals of Security Information and Event Management (SIEM)
- SIEM Architecture, Components and Solutions
- SIEM Deployment
- Incident Detection with SIEM
- Use case examples of Insider Incident Detection
- Use case examples of Network Level Incident Detection
- Use case examples of Host Level Incident Detection
- Use case examples of Compliance
- Handling Alert Triaging and Analysis
Module 5 – Enhanced Incident Detection with Threat Intelligence
Module 6 – Incident Response
Advantages
- EC-Council Certified & Authorised Mentors
- Access to EC-Council curriculum study material
- 24/7 Access to Codemithra Learning & Assessment Platform
- Live instructor-led training sessions
- Live hands-on lab and mini-project sessions
- Digital content valid for two years
Course Outcome
- Gain knowledge of SOC processes, procedures, technologies, and workflows.
- Gain a basic understanding and in-depth knowledge of security threats, attacks, vulnerabilities, attacker’s behaviours, cyber kill chain, etc.
- Recognise attacker tools, tactics, and procedures to identify indicators of compromise (IOCs) that can be utilised during active and future investigations.
- Monitor and analyse logs and alerts from various technologies across multiple platforms (IDS/IPS, endpoint protection, servers and workstations).
- Gain knowledge of Centralized Log Management (CLM) process.
- Perform security event and log collection, monitoring, and analysis.
- Gain experience and extensive knowledge of Security Information and Event Management.
- Learn to administer SIEM solutions (Splunk/AlienVault/OSSIM/ELK).
- Understand the architecture, implementation and fine-tuning of SIEM solutions (Splunk/AlienVault/OSSIM/ELK).
- Gain hands-on experience on the SIEM use case development process.
- Develop threat cases (correlation rules), create reports, etc.
- Learn use cases that are widely used across the SIEM deployment.
- Plan, organise and perform threat monitoring and analysis in the enterprise.
- Monitor emerging threat patterns and perform security threat analysis.
- Gain hands-on experience in the alert triaging process.
- Escalate incidents to appropriate teams for additional assistance.
- Prepare briefings and reports of analysis methodology and results.
- Gain knowledge of integrating threat intelligence into SIEM for enhanced incident detection and response.
- Make use of varied, disparate, constantly changing threat information.
- Gain knowledge of the Incident Response Process.
- Gain an understanding of SOC and IRT collaboration for better incident response.
Career Opportunities
- SOC Analyst, Cybersecurity Analyst
- Network Security Operator
Expert Mentor
Codemithra Team
The Codemithra team comprises an accomplished group of mentors who bring to the table real-world subject matter knowledge and industry experience. Our mentors are experts who effectively and quickly take our learners to the next level.
