Cyber Security SOC Analyst

Discover Your Future in Cyber Security with SNQTECH

Are you passionate about cybersecurity and eager to explore the world of digital security? Our comprehensive Cybersecurity Program is tailored to provide the skills and knowledge needed to thrive in the IT security field.

Experienced Mentors
Dedicated to Success
Certificate of completion
Accessible & Supportive

Why Choose Our Cybersecurity Program?

Hands-on Experience:

Gain proficiency in essential tools and techniques such as Threat Detection, Incident Response, Ethical Hacking, SIEM, Vulnerability Assessment, and Network Security.

Expert Mentorship:

Learn directly from industry professionals who will mentor and support you throughout your cybersecurity journey.

Career Assistance:

Receive guidance on job searches, resume building, and interview preparation to help you secure a cybersecurity role.

What You'll Learn

Fundamentals of Cybersecurity

Threat Detection and Analysis

Incident Response

SIEM and Log Management

Ethical Hacking and Vulnerability

Who are Eligible

Individuals with a degree in B. Tech / M.Tech / MCA / M.Sc / M.A / MBA / BCA / B.Sc (any specialization).

No prior experience required.

Passion for technology and a detail-oriented mindset are key.

Duration

45 Sessions

Validity

Life Time

Mode

Virtual

Eligibility

Everyone

What we are going to learn in this course?

Cyber Security Ethical Hacking & Advanced SOC Analyst
Information Security Engineer

Chapter 1: Fundamentals of Information Technology

Ø About Information Technology

Ø About Software’s

Ø Types of Software’s

Ø About Operating System

Ø Types of Operating System

Ø Hardware and Types of Hardware

Ø IT Infrastructure Assets in Enterprise Security

Ø IT Infrastructure in Small, Medium & Large Enterprise

Chapter 2: Fundamentals of Cyber Security

Introduction about Cyber Security
Why is Cyber Security Critical?
History of Cyber threats Explained
Important Cyber Security Fundamentals
Key Concept of Cyber Security
Basic Terminologies of Cyber Security
Common Types of Cyber Attacks
Cyber Security Job Roles
Cyber Security Best Practices
Cyber Security Certifications
- ECCouncil
- CompTia
- Offensive Security
- GIAC
- Cisco Certification
- Azure/AWS Security Cloud

Chapter 3: Introduction to Networks

Network & Its Types
Network Devices
OSI and TCP/IP Reference Model
Network Topologies
IP Address and Classifications
IPv4 & IPv6
Subnetting
Routers & Switches
Firewall & IDS/IPS
Network Ports

Lab 1:

Windows & Linux Installation
Linux Terminal / CLI
Basic and Advance Commands practice session.
Reputation Check for IP, URL

Chapter 4: Introduction to Ethical Hacking

CIA TRAID and AAA Models
Hacking—Definition, Types, Security, and More
Types of Hackers & Various Hacking Techniques
- White Hat Hacker / Ethical Hacker
- Black Hat Hacker
- Red Hat Hacker
- Gray Hat Hacker
- Green Hat Hacker
- Blue Hat Hacker
- Script Kiddie
- Anonymous Hacker
What is Hacking
Difference between Ethical Hacking vs Hacking
Types of Cybercrimes
Types of Ethical Hacking
5 Phases of Hacking
- Reconnaissance/ Footprinting
- Scanning Networks
- Gaining Access
- Maintaining Access
- Clearing Tracks
Virtual Machines –
- VMWare Workstation
- Virtualbox
Kali Linux – Tools

Lab 2:

Installation of VMware
Installation of Guest OS
Installation of Windows in VMware
Installation of Kali Linux
CLI commands in Kali Linux

Network Monitoring

Chapter 5: Cyber Threats and Attacks

Threat, Vulnerability & Risk
Types of Threats
Physical Threats & Non-Physical Threats
Information Security Threats
Network Security Threats
Social Engineering
Data Breach –
Why Do Data Breaches Happen
Types of Data Breach
- Ransomeware
- Business Email Compromise(BEC)
- Stolen Information
- Phishing
- Password Guessing
- Distributed Denial of Service (DDoS Attack)
- Malware
- Keystroke Loggers

Chapter 6: Defensive Measures

SOC & SIEM
Vulnerability Management
Cyber Threat Intelligence
Cryptography Concepts
Describe the uses of a hash algorithm
Describe the uses of encryption algorithms
Compare and contrast symmetric and asymmetric encryption algorithms
Describe the security impact of these commonly used hash algorithms
- MD5
- SHA-0, SHA-1, SHA-2 (Old)
- SHA-256
- SHA-512
- SHA-224
Firewall
DLP

Chapter 7: OWASP Top10 2023 & SANS Top 25

About OWASP (Open Web Application Security Project)
OWASP top 10 vulnerabilities 2023
A01:2021 – Broken Access Control
A02:2021 – Cryptographic Failures
A03:2021 – Injection
A04:2021 – Insecure Design
A05:2021 – Security Misconfiguration
A06:2021 – Vulnerable and Outdated Components
A07:2021 – Identification and Authentication Failures
A08:2021 – Software and Data Integrity Failures
A09:2021 – Security Logging and Monitoring Failures
A10:2021 – Server-Side Request Forgery (SSRF)
About SANS Top 25 Software weakness
SANS Top 25 Common Software Weakness 2023

Chapter 8: Fundamentals of Security Operation Center SOC

What Is a Security Operations Center
What Does a SOC Do?
Key Functions of a SOC
- Tier 1 – Triage
- Tier 2 – Investigation
- Tier 3 – Threat Hunting
How Is a SOC Structured?
Key SOC Roles and Responsibilities
Overview of Tools in a Security Operation Center in an Organization?
- SIEM
- Network Intrusion Detection System (NIDS)
- Network Intrusion Prevention System (NIPS)
- Security Orchestration, Automation and Response (SOAR)
- Security Analytics Platforms
- Endpoint Detection and Response (EDR)
- Vulnerability Management Solutions
- Data Loss Prevention (DLP)
- Identity and Access Management (IAM)
- Firewalls
- XDR
IBM QRadar SIEM Solutions in a SOC
NOC vs SOC
Modern-Day SOCs: People, Process & Technology
Cyber Security Monitoring
The Essentials of Cyber Security Monitoring
Why Security Monitoring is Important
Cyber Security Threat Monitoring Work
Why Security Monitoring is Important?
Security Monitoring Tools

Chapter 9: Understanding Windows and Linux Operating System Logs

Types of Windows Logs
Event Log
Flow Log

Application Log
Security Log
Setup Log
System Log
Forwarded Logs
Types of Linux Logs
Application Log
Service Logs
System Logs
Understanding Security device Logs
Firewall Logs

IPS, WAF Logs
Proxy, Email Gateway Logs
Mandatory Network Concepts in SOC Contd..
Introduction / Addressing

Topology and Types of Topology
Hub, Router, Switch
Internet Protocol Address IP and its classifications
Firewall and Types of Firewall
Domain Name System (DNS)
Mandatory Ports for SOC Analysis
Mandatory Protocols for SOC Analysis
Data Transmission using TCP and UDP
Protocols SMTP, FTP, SFTP, HTTP, HTTPS, NTP

Lab 2:

Windows Logs
Linux Logs
Analyzing Raw Logs
Investigating the Logs and reporting
Threat Intelligence Tools for Analysis

Chapter 10: Fundamentals of SIEM – IBM QRadar

Introduction of SIEM
Architecture of IBM QRadar
Event Collector & Flow Collector
IBM QRadar and its functionalities

Chapter 11: SIEM – IBM QRadar Analyst

Walk Around of QRadar Tabs
Dashboard
Dash Board Creations for Real-time Monitoring
Offense Analysis
- Analyzing Different types of Offenses/ Attacks with real time Examples.
- Ransomware Analysis.
- Anti-Virus Incident Analysis.
- Malicious IP Communication
- HTTP Browser Activities.
Log Activity
Different Types of Event Logs
How to analyze the Log activity data.
Uses of Log Activity data
Identifying the information using Log Activity
Network Activity
Different Types of Flow Logs
Reports
About Report based on the client or Customer Requirement.
Daily – Business as Usual Activities – 4 Nos
Weekly – Security Monitoring – 7 Nos
Monthly – Governance Reports – 7 Nos
Monthly – EPS Reports – 1 Nos
Incident Response Playbooks & Runbook
What is Security Incident Playbook
What is Security Incident Runbook
Difference between Playbook and Runbook

LAB :-

Your Day 1 as a SOC Analyst
SOC Analyst L1 Role – Log Activity Monitoring
Assigning an incident and creating an QID
Analyzing using reputation tools
Email writing as a Analyst after Analyzing the incident
SOC Analyst L2 Role – Offense Monitoring
Assigning an Offense and creating an QID
Analyzing Offense and sending email to network team to block the IP/URL

You will be SOC L1 Analyst, Information Security Analyst

Advance Course: SIEM Admin and SOC L2 Coordinator

Chapter 12: SIEM Administration – IBM QRadar Admin Task as Security Engineer

Identifying False Positives and True Positives based on different Scenarios.
Creation of Reference sets using Different Types of Advisories.
Use Case Creations by Using Reference sets and Different conditions based on our requirement.
Fine tuning the rules as per the customer requirement or team requirement.
Adding IOCs to the Rule conditions.
Deletion of IOC’s
Log Source Integrations & Protocols (Windows & Linux and Firewall)
Daily Admin health checkup
On-boarding of Windows Logs
Alerts Creation
Command Line Interface and its Uses
How to use Win collect agent
Identifying the list of Events and Flows

LAB:-

Installing QRadar Community Edition
Win collect Agent installation
On boarding Assets to SIEM
Creating Reference set
Adding Reference Set to SIEM
Altering/Deleting Reference Set
Threat Intel Advisory Feed to SIEM
Creating Reports

Chapter 13: Attacking Frame Works

Cyber Kill Chain
Reconnaissance
Weaponization
Delivery
Exploitation
Installation
Command and control (C2)
Actions on objectives.
Protocol Layers (OR) OSI Layers
- The Physical Layer
- The Data Link Layer
- The Network Layer
- The Transport Layer
- The Session Layer
- The Presentation Layer
- The Application Layer
MITRE Attack
- Reconnaissance
- Resource Development
- Initial Access
- Execution
- Persistence
- Privilege Escalation
- Defense Evasion
- Credential Access
- Discovery
- Lateral Movement
- Collection
- Command and Control
- Exfiltration
- Impact

Chapter 14: Email Analysis

Email headers
Types of Emails
How to analyze the RAW data in the Email
Different Types of Email attacks

Chapter 15: Malware Analysis in the Modern SOC

About Malware Analysis
Dynamic vs Static malware analysis
Understand the purpose and behaviors of a suspicious file.
OSINT (Open Source Intelligence)
Cyberchef
IDA Pro

Chapter 16: Threat Intelligence

Introduction to Threat Intelligence
Types of Threat Intelligence
Threat Intelligence Lifecycle and Frameworks
Threat Detection
IOC vs IOA
Collecting Latest IOCs
Threat Advisory – Bleeping computers
Threat Intelligence feeds
Data Collection and Processing

LAB:-

Hands on practice for identifying IOC’s from various Threat Intelligence Tools
Collecting IOC’S, IP’S, Domains, URL’S and File Hashes from the different Security Advisories

Chapter 17: Threat Hunting

What is Threat Hunting
Methods of Threat hunting
Developing Hypothesis
IOC based Hunting
Tool based Threat Hunting
Different Types of Open Sources for Hunting
Skills & Qualification as a Threat Hunter
Attack methodologies.

Future Career Opportunities

The cybersecurity industry is rapidly expanding, with a growing demand for skilled professionals to protect digital assets. Equip yourself with the knowledge to pursue roles such as:

SOC Analyst

Threat Hunter

Security Operations Specialist

Incident Response Specialist

Ethical Hacker

Ready to Transform Your Career?

Enroll today and be your own master in the IT industry with SNQTECH!

Do You Have Questions ?

We’ll help you to grow your career and growth.

SNQTECH is a forward-thinking online education platform dedicated to empowering learners with cutting-edge technology skills. We specialize in providing high-quality, accessible online coaching, focusing on the latest advancements in technology, business, and industry trends. At SNQTECH, we are committed to fostering a dynamic learning environment where students can develop practical, real-world skills through expert-led instruction and hands-on experience. Our goal is to equip learners with the knowledge and tools they need to excel in today’s fast-paced digital landscape, making education both innovative and effective.