EC-Council CSA – Certified SOC Analyst Certification Boot Camp
EC-Council Official CSA Courseware
Our Certified SOC Analyst courseware keeps immediate pace with advancements in exam content by incorporating feedback from our thousands of certified alumni students. It is reviewed every 30 days to ensure all information reflects the most current updates. Relying on traditional books or externally sourced materials does not offer this advantage.
CPE/CEU Post Class Package
It is very important to stay up to date in this industry. CEUs are required to keep your certifications current. If you want to maintain your professional certified status, we are here to help keep your certifications current.
EC-Council Official CSA Exam Voucher
Number of Questions: Maximum of 100 questions
Type of Questions: Multiple choice
Length of Test: 3 hours
Passing Score: 70%
Recommended Experience: one year of work experience in the Network Admin/Security domain
Module 1 – Security Operations and Management
Explain the overall SOC purpose to the organization and which internal processes belong to which functions
Describe the role of SOC analyst tiers within the other roles and processes within the organization
Explain how the SOC analyst contributes and applies security policies to the organization
Select SOC analyst-appropriate tools and/or processes based on the type of task required by the business scenario
Module 2 – Understanding Cyber Threats, IoCs, and Attack Methodology
Given a scenario within the threat landscape, identify common attack techniques and profiles that target common vulnerabilities
Perform threat research and compare popular online vulnerability blogs and databases
Establish a known-good network baseline
Validate the known-bad to a known-good baseline
Module 3 – Incidents, Events, and Logging
Describe the purpose of logs, log-generating events, and the use of logs in prevention, detection, and response
Describe how alerts are triggered by incidents and logs are used to correlate those incidents
Locate network device logs and compare common data found in logs from firewalls, IDS/IPS, UTMs, and NTA, including their actual data fields
Contrast data fields found in logs from Linux and Windows systems, including registry and other local databases
Configure alert triggers and filters in devices and applications to avoid false positives
Use analysis techniques with log viewers and tools to detect symptoms of phishing, DoS/DDoS, injection, hijacking, malware communication, and authentication attack events
Use custom plugins and bash/PowerShell scripting to automate large-scale analysis of log files
Create basic Python scripts used to automate tasks and correlate relevant data
Module 4 – Incident Detection with Security Information and Event Management (SIEM)
Describe the purpose and application of SIEM
Analyze SIEM results and correlate multiple events in enterprise security incidents across network devices and traffic
Use tools like Splunk to detect evidence of post-attack strategies such as APT activity, lateral movement, data exfiltration, and anti-forensics
Module 5 – Enhanced Incident Detection with Threat Intelligence
Use protocol analyzers to capture live traffic on different network segments
Filter packet capture by protocol, source, destination, and other fields
Use analysis techniques with packet analyzers to detect symptoms of phishing, DoS/DDoS, injection, hijacking, malware communication, and authentication attack events
Export packet captures and other analyzable reporting formats
Module 6 – Incident Response
Given a scenario, determine which phase of incident response operation it describes, including reporting and brief templates
Determine IoC identification, initial point-of-compromise identification, scoping methods, containment strategies, and eradication and remediation actions for a given type of incident
Identify incident scoping strategies and the use of indicators of compromise in incident response operations
Given malware or adversary tools, identify methods for eradication of malware or adversary tools, and restoration and remediation activities