Cyber Security Soc Analyst Training - Siem (Splunk) - [2022]

[ eLearninfosec ] SOC Analyst training - Interview Questions also included -Its hands on experience on splunk SIEM

What you'll learn
Student will gain the knowledge of Networking, Cyber Security and SOC analyst role activities content with hands on practicals
Requirements
There are no course prerequisites. You should know how to use internet and computer
Description
Cyber Security SOC analyst training Splunk (SIEM) For those who are aspiring to certify themselves as well as enhance their knowledge and skills on becoming a SOC analyst. This course is specially designed for all level of interested candidates who wants get in to SOC.Work of a SOC analyst?A Security Operation Center Analyst is primarily responsible for all activities that occur within the SOC. Analysts in Security Operations work with Security Engineers and SOC Managers to give situational awareness via detection, containment, and remediation of IT threats. With the increment in cyber threats and hacks, businesses are becoming more vulnerable to threats. This has significantly enhanced the importance of a SOC Analyst. For those in cybersecurity, it can be a dynamic role. SOC Analysts cooperate with other team members to detect and respond to information security incidents, develop and follow security events such as alerts, and engage in security investigations.Furthermore, SOC Analysts analyze and react to undisclosed hardware and software vulnerabilities. They also examine reports on security issues and act as ‘security advisors’ for an organization.This course helps you to learn and implement those strategies and with  training provided. This will in turn help you play a significant role in defending against cyber threats and keeping sensitive information secure.

Overview

Section 1: Course Introduction

Lecture 1 1. Cyber Security Analyst - Intro to Course Content

Section 2: Networking Concepts

Lecture 2 Introduction to organization Network

Lecture 3 Introduction to organization Network

Lecture 4 ISO Model - Application and Presentation Layer Basics

Lecture 5 ISO Model - Session, Transport, Network and DataLink Layer Basics

Lecture 6 ISO Model Recap AND Public/Private Address Range

Lecture 7 Introduction to web technology

Lecture 8 Understanding HTTP protocol Part 1

Lecture 9 Understanding HTTP Part 2 and Understanding Service Ports Part 1

Lecture 10 Understanding SMB, SMTP, Telnet, SSH, FTP, SMTP, MySql Services.

Lecture 11 Introduction to Windows - Types of Wiondows OS and Permissions

Lecture 12 Windows OS - Computer Management, Utilities

Lecture 13 Indept on Port Numbers - Part 1

Lecture 14 Indept on Port Numbers - Part 2

Section 3: Cyber Security Concepts

Lecture 15 Introduction to Security CIA Encryption and Hashing

Lecture 16 Defence InDeapth Approach

Lecture 17 Cyber Kill chain OR Phases of Attack.mp4

Lecture 18 Brute Force Attack and Types

Lecture 19 Phishing and Spoofing Attacks

Lecture 20 DNS Tunneling Attack

Lecture 21 Malware and its Types

Lecture 22 OWASP Top 10

Section 4: Understanding Splunk, SIEM and SOC Process

Lecture 23 Splunk installation

Lecture 24 Splunk Universal Farward Installation

Lecture 25 Introduction to Splunk

Lecture 26 SOC Process

Lecture 27 SOC Roles and Responsabilities

Lecture 28 SIEM Architecture

Section 5: Understanding Various Logs, Dashboard and Alert creations

Lecture 29 Uploading Demo Logs to Splunk and firewall Log analysis

Lecture 30 Understanding Firewall Logs

Lecture 31 Splunk Dashboard creation - Firewall Part 1

Lecture 32 Splunk Dashboard creation - Firewall Part 2

Lecture 33 IDS Log Analysis

Lecture 34 DNS Profiling Scenarios Part 1

Lecture 35 DNS Profiling Scenarios Part 2

Lecture 36 Understanding DNS Logs

Lecture 37 Understanding HTTP Logs Part 1

Lecture 38 Understanding HTTP Logs Part 2

Lecture 39 Understanding Windows Log

Lecture 40 Understanding Windows Event IDs

Lecture 41 Windows Sysmon Log Analysis

Lecture 42 Understanding Antivirus Logs

Section 6: Walkthrough SIEM usecases and Incident Handling Stages

Lecture 43 SIEM Use cases Part 1

Lecture 44 SIEM Use cases Part 2

Lecture 45 SIEM Use cases Part 3

Lecture 46 Malware outbreak Analysis

Lecture 47 Incident Handling stages

Section 7: Introduction to threat Hunting

Lecture 48 Threat Hunting - Scanning attack on Web Server

Lecture 49 hreat Hunting - Brute Force Attack

Lecture 50 Email Header Analysis

Section 8: Networking and Security Interview Questions

Lecture 51 what are networking devices?

Lecture 52 what is P address and IP address classification?

Lecture 53 What is NAT and PAT?

Lecture 54 Tell me few port numbers which you know?

Lecture 55 How a Firewall Works?

Lecture 56 How VPN works?

Lecture 57 What is Symmetric and Asymmetric Encryption?

Lecture 58 Explain CIA triad?

Lecture 59 What is the difference in between SSL and HTTPS?

Lecture 60 How do you stay up to date on Cyber Security news and latest attacks

Lecture 61 What is the difference between Virus and Warm?

Lecture 62 Explain SQL Injection Attack

Lecture 63 What is botnet?

Lecture 64 What is Brute Force Attack?

Lecture 65 SIEM related interview topics

Section 9: SIEM Interview Questions and Answers

Lecture 66 SIEM Dashboard and Use cases

Lecture 67 What are different event logs you analyze?

Section 10: SOC Process Interview Questions and Day to Day Activities

Lecture 68 What is Security Operation Center?

Lecture 69 What are various Security Devices used in your orrganization?

Lecture 70 How does a SOC Team manage or work in an Organization?

Lecture 71 What are the Roles and Responsibilities of SOC Engineer?

Lecture 72 What are the fields in Sample Incident Ticket - ServiceNow ?

Lecture 73 what are Service level Agreements for the SOC Incidents?

Lecture 74 What is False Positive Analysis? or what are various outcomes of Analysis?

Lecture 75 How many Logs sources are there in your organization?

Lecture 76 What are the steps in Incident Response Life Cycle

Lecture 77 Can you please explain what you will do after getting an alert? (Alert IR FLow)

Lecture 78 How will you manage work in shifts?

Lecture 79 How do you handle P1, P2, P3 and P4 Incidents?

Section 11: SIEM Alert Analysis Interview Questions

Lecture 80 How do you analyze if receive a Brute Force Attack Alert?

Lecture 81 what will you do if receive a Malware Attack Alert?

Lecture 82 How do you analyze Phishing email attack?

Lecture 83 How do you Analyze SQL Injection attack?

Lecture 84 How do you analyze DDOS Attack?

Lecture 85 How do you analyze if a suspicious IP detected in outbound traffic?

Section 12: Discussion on Real Time Activities

Lecture 86 Discussion on Real Time Activities

Section 13: Course wrapup

Lecture 87 Course Wrapup

Students who are interested in Cyber security