CSAECEC-CouncilEC-CSA1<ul> <li>Gain Knowledge of SOC processes, procedures, technologies, and workflows.</li><li>Gain basic understanding and in-depth knowledge of security threats, attacks, vulnerabilities, attacker&rsquo;s behaviors, cyber kill chain, etc.</li><li>Able to recognize attacker tools, tactics, and procedures to identify indicators of compromise (IOCs) that can be utilized during active and future investigations.</li><li>Able to monitor and analyze logs and alerts from a variety of different technologies across multiple platforms (IDS/IPS, end-point protection, servers and workstations).</li><li>Gain knowledge of Centralized Log Management (CLM) process.</li><li>Able to perform Security events and log collection, monitoring, and analysis.</li><li>Gain experience and extensive knowledge of Security Information and Event Management.</li><li>Gain knowledge on administering SIEM solutions (Splunk/AlienVault/OSSIM/ELK).</li><li>Understand the architecture, implementation and fine tuning of SIEM solutions (Splunk/AlienVault/OSSIM/ELK).</li><li>Gain hands-on experience on SIEM use case development process.</li><li>Able to develop threat cases (correlation rules), create reports, etc.</li><li>Learn use cases that are widely used across the SIEM deployment</li><li>Plan, organize, and perform threat monitoring and analysis in the enterprise.</li><li>Able to monitor emerging threat patterns and perform security threat analysis.</li><li>Gain hands-on experience in alert triaging process.</li><li>Able to escalate incidents to appropriate teams for additional assistance</li><li>Able to use a Service Desk ticketing system.</li><li>Able to prepare briefings and reports of analysis methodology and results.</li><li>Gain knowledge of integrating threat intelligence into SIEM for enhanced incident detection and response</li><li>Able to make use of varied, disparate, constantly changing threat information.</li><li>Gain knowledge of Incident Response Process</li><li>Gain understating of SOC and IRT collaboration for better incident response.</li></ul><ul> <li>SOC Analysts (Tier I and Tier II)</li><li>Network and Security Administrators, Network and Security Engineers, Network Defense Analyst,Network Defense Technicians, Network Security Specialist, Network Security Operator, and any security professional handling network security operations</li><li>Cybersecurity Analyst</li><li>Entry-level cybersecurity professionals</li><li>Anyone who wants to become a SOC Analyst.</li></ul><ul> <li>Module 1: Security Operations and Management</li><li>Module 2: Understanding Cyber Threats, IoCs, and Attack Methodology</li><li>Module 3: Incidents, Events, and Logging</li><li>Module 4: Incident Detection with Security Information and Event Management (SIEM)</li><li>Module 5: Enhanced Incident Detection with Threat Intelligence</li><li>Module 6: Incident Response</li></ul>- Gain Knowledge of SOC processes, procedures, technologies, and workflows. - Gain basic understanding and in-depth knowledge of security threats, attacks, vulnerabilities, attacker’s behaviors, cyber kill chain, etc. - Able to recognize attacker tools, tactics, and procedures to identify indicators of compromise (IOCs) that can be utilized during active and future investigations. - Able to monitor and analyze logs and alerts from a variety of different technologies across multiple platforms (IDS/IPS, end-point protection, servers and workstations). - Gain knowledge of Centralized Log Management (CLM) process. - Able to perform Security events and log collection, monitoring, and analysis. - Gain experience and extensive knowledge of Security Information and Event Management. - Gain knowledge on administering SIEM solutions (Splunk/AlienVault/OSSIM/ELK). - Understand the architecture, implementation and fine tuning of SIEM solutions (Splunk/AlienVault/OSSIM/ELK). - Gain hands-on experience on SIEM use case development process. - Able to develop threat cases (correlation rules), create reports, etc. - Learn use cases that are widely used across the SIEM deployment - Plan, organize, and perform threat monitoring and analysis in the enterprise. - Able to monitor emerging threat patterns and perform security threat analysis. - Gain hands-on experience in alert triaging process. - Able to escalate incidents to appropriate teams for additional assistance - Able to use a Service Desk ticketing system. - Able to prepare briefings and reports of analysis methodology and results. - Gain knowledge of integrating threat intelligence into SIEM for enhanced incident detection and response - Able to make use of varied, disparate, constantly changing threat information. - Gain knowledge of Incident Response Process - Gain understating of SOC and IRT collaboration for better incident response.- SOC Analysts (Tier I and Tier II) - Network and Security Administrators, Network and Security Engineers, Network Defense Analyst,Network Defense Technicians, Network Security Specialist, Network Security Operator, and any security professional handling network security operations - Cybersecurity Analyst - Entry-level cybersecurity professionals - Anyone who wants to become a SOC Analyst.- Module 1: Security Operations and Management - Module 2: Understanding Cyber Threats, IoCs, and Attack Methodology - Module 3: Incidents, Events, and Logging - Module 4: Incident Detection with Security Information and Event Management (SIEM) - Module 5: Enhanced Incident Detection with Threat Intelligence - Module 6: Incident Response3 jours1950.001950.001950.001950.003500.003500.003500.003950.003500.00