Training | 2020-04-24T16:37:07+08:00

ELITE Professional SOC Administrator Certification Training

Course Overview

Managing cyber security operations entails designing, building and operating all dimensions of the technology, people and process needed to run a SOC (Security Operations Center). This 3-day course provides a comprehensive overview of the daily activities performed by Tier 1 and Tier 2 SOC analysts in their job.

The training course includes lab exercises in which participants work in both a live and a simulated environment to practise the skills required to analyze and manage security events using the Tecforte MSSGard solution. These simulations let participants demonstrate their understanding while building real-world cyber security operations skills.

For more information email: elite@tecforte.com

This session lays the foundations of the Security Operations Center (SOC) by covering the functional areas on which the build-and-operate days that follow are based.

> High-level Definition of a Security Operations Center (SOC)
> SOC Roles and Responsibilities
> What’s the difference between logs, events, alerts and incidents?
> What’s the difference between false positive, true positive, false negative and true negative?
> What’s the difference between MSSP and enterprise SOC?
> Security Incident Response Life Cycle

This session provides a foundation in commonly known attack methodologies and in malware taxonomy. It also covers where to look in logs, and the different types of infrastructure to consider when building a SOC: the infrastructure needed to protect your organization, to run your SOC and to manage your SOC.

> Attack Methodologies
> Understand the motives of an attacker
> Identify common reasons for cyber attacks
> Discuss common attack vectors that result in incident response
> Review malware taxonomy: virus, worm, Trojan, RAT, rootkit, and bootkit
> Discuss the purpose of the different types of malware

> Critical Log Analysis For Security Events
> Log Analysis Standard Procedure
> Potential Security Log Sources
> Typical Log Locations
> What To Look For On Linux
> What To Look For On Windows
> What To Look For On Network Devices
> What To Look For On Web Servers
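As an added illustration of the "what to look for" items above (not part of the course material and not MSSGard code), the following script runs two pieces of detection logic over constructed log lines: a brute-force check over Linux auth.log entries, including the case where a run of failures ends in a successful login, and a scan of web-server access-log requests for path traversal and web-shell probes. The hostnames, user names and addresses are invented (the IPs come from documentation ranges), and the failure threshold of 5 and the probe patterns are choices made for this example.

```python
import re
from collections import defaultdict

# Constructed sample of /var/log/auth.log (OpenSSH messages); hosts, users and
# addresses are invented, the IPs come from documentation ranges.
AUTH_LOG = """\
Apr 24 16:30:01 web01 sshd[2311]: Failed password for invalid user admin from 203.0.113.45 port 51022 ssh2
Apr 24 16:30:03 web01 sshd[2313]: Failed password for root from 203.0.113.45 port 51030 ssh2
Apr 24 16:30:05 web01 sshd[2315]: Failed password for root from 203.0.113.45 port 51041 ssh2
Apr 24 16:30:07 web01 sshd[2317]: Failed password for invalid user oracle from 203.0.113.45 port 51055 ssh2
Apr 24 16:30:09 web01 sshd[2319]: Failed password for root from 203.0.113.45 port 51060 ssh2
Apr 24 16:30:12 web01 sshd[2321]: Accepted password for root from 203.0.113.45 port 51063 ssh2
Apr 24 16:31:40 web01 sshd[2400]: Failed password for alice from 198.51.100.7 port 40011 ssh2
Apr 24 16:31:48 web01 sshd[2402]: Accepted publickey for alice from 198.51.100.7 port 40012 ssh2
"""

# Constructed sample of a combined-format web access log.
ACCESS_LOG = """\
203.0.113.45 - - [24/Apr/2020:16:32:10 +0800] "GET /index.php HTTP/1.1" 200 5123
203.0.113.45 - - [24/Apr/2020:16:32:11 +0800] "GET /../../etc/passwd HTTP/1.1" 400 312
203.0.113.45 - - [24/Apr/2020:16:32:12 +0800] "GET /shell.php?cmd=id HTTP/1.1" 404 209
203.0.113.45 - - [24/Apr/2020:16:32:13 +0800] "POST /wp-login.php HTTP/1.1" 200 1800
198.51.100.7 - - [24/Apr/2020:16:33:02 +0800] "GET /about.html HTTP/1.1" 200 2048
"""

AUTH_RE = re.compile(
    r"sshd\[\d+\]: (?P<outcome>Failed|Accepted) (?P<method>password|publickey) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)
ACCESS_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r"(?P<status>\d{3}) (?P<size>\d+)"
)

# Request patterns worth a look on a web server: traversal, command-injection
# parameters and common web-shell names. Illustrative list chosen for this example.
WEB_PROBES = [
    ("path traversal", re.compile(r"\.\./|/etc/passwd|%2e%2e", re.I)),
    ("command injection / web shell probe",
     re.compile(r"[?&](cmd|exec|command)=|/(shell|c99|r57)\.php", re.I)),
]


def parse_auth(text):
    """Turn raw auth.log lines into events (dicts); lines that do not match are dropped."""
    return [m.groupdict() for m in map(AUTH_RE.search, text.splitlines()) if m]


def parse_access(text):
    """Turn raw access-log lines into events (dicts); lines that do not match are dropped."""
    return [m.groupdict() for m in map(ACCESS_RE.match, text.splitlines()) if m]


def detect_ssh_bruteforce(events, threshold=5):
    """Flag sources with >= threshold failed logins. A success after the run of
    failures is the case that must be escalated, so it raises the priority."""
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e["ip"]].append(e)
    findings = {}
    for ip, evs in by_ip.items():
        failures = [e for e in evs if e["outcome"] == "Failed"]
        if len(failures) < threshold:
            continue
        last_fail = max(i for i, e in enumerate(evs) if e["outcome"] == "Failed")
        success_after = any(e["outcome"] == "Accepted" for e in evs[last_fail + 1:])
        findings[ip] = {
            "failures": len(failures),
            "users": sorted({e["user"] for e in failures}),
            "success_after_failures": success_after,
            "priority": "high" if success_after else "medium",
        }
    return findings


def detect_web_probes(events):
    """Return (ip, path, reason) for every request matching a probe pattern."""
    hits = []
    for e in events:
        for reason, rx in WEB_PROBES:
            if rx.search(e["path"]):
                hits.append((e["ip"], e["path"], reason))
                break
    return hits


if __name__ == "__main__":
    for ip, f in detect_ssh_bruteforce(parse_auth(AUTH_LOG)).items():
        print(f"[{f['priority']}] {ip}: {f['failures']} failed logins, users={f['users']}, "
              f"success after failures={f['success_after_failures']}")
    for ip, path, reason in detect_web_probes(parse_access(ACCESS_LOG)):
        print(f"[web] {ip} {path}: {reason}")
```

On the sample, 203.0.113.45 is reported as high priority (five failures across three accounts, then an accepted password for root) while alice's single typo from 198.51.100.7 stays below the threshold; the same source also shows up in the web log with a traversal attempt and a `cmd=` probe, which is the kind of cross-source corroboration an analyst looks for before escalating.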

> Tools that support prevention, detection, analysis and incident response
> Security Devices
> Packet Captures
> Security Information and Event Management
> Incident Ticket Management
> Asset Management
> Vulnerability Management
> Threat Intelligence Platform

We will take a high-level look at MSSGard, an all-in-one security management platform with a broad feature set, custom workflows and a knowledge base tailored to the needs of today’s security operations center. Participants will use the web-based MSSGard interface to create the preliminary data that forms the basis for the following days of hands-on exercises.

MSSGard Technology Overview & Features:

> Data Onboarding
> Data Enrichment
> Event Analysis Tool
> Two-tier Event Filtration
> Centralized Threat Intelligence
> Asset and Vulnerability Management
> Alert and Escalation
> Customized Email Templates
> Reports

Hands-on Exercises in using the SOC Platform:

> Creating Indicators and Observables for Correlation
> Performing Alert Triage and Incident Escalation (Tier 1)
> Examining and Validating Security Events (Tier 2)
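The following script is an added example, written for this page and not taken from the course or from MSSGard, of the two hands-on exercises listed above and of the logs/events/alerts/incidents and true/false positive distinctions from the first session. A handful of constructed, already-normalised events (as a SIEM holds them after log parsing) are correlated against a constructed indicator list; every match becomes an alert, alerts are grouped per asset into an incident and Tier 1 triage escalates the incident to Tier 2 when its highest severity reaches a threshold. The ground-truth `malicious` flag on each event is the analyst's later verdict and is used only to score the detection as TP/FP/FN/TN. The indicator values, severities, asset names and the escalation threshold of 4 are all assumptions made for the example.

```python
from collections import Counter, defaultdict
from dataclasses import dataclass

# Constructed indicator list; a threat-intelligence platform would normally
# supply these together with confidence and expiry. Severity scale 1..5 is assumed.
INDICATORS = {
    "ip": {
        "203.0.113.45": ("known brute-force source", 4),
        "198.51.100.20": ("Tor exit node", 2),
    },
    "domain": {
        "update-check.example.net": ("C2 domain", 5),
    },
}

# Constructed events as they would look after log parsing and normalisation.
# "malicious" is the ground truth established later by an analyst; the pipeline
# never reads it, it only serves to score the detections at the end.
EVENTS = [
    {"id": 1, "asset": "web01", "src_ip": "203.0.113.45", "domain": None,
     "desc": "5 failed ssh logins then success", "malicious": True},
    {"id": 2, "asset": "pc-hr-07", "src_ip": "10.0.3.22", "domain": "update-check.example.net",
     "desc": "DNS query", "malicious": True},
    {"id": 3, "asset": "pc-hr-07", "src_ip": "10.0.3.22", "domain": "cdn.example.com",
     "desc": "DNS query", "malicious": False},
    {"id": 4, "asset": "web02", "src_ip": "198.51.100.20", "domain": None,
     "desc": "GET /about.html 200", "malicious": False},
    {"id": 5, "asset": "pc-fin-03", "src_ip": "10.0.4.9", "domain": "files.example.org",
     "desc": "powershell -enc launching a download", "malicious": True},
]

ESCALATION_THRESHOLD = 4  # assumed: severity 4 and 5 go straight to Tier 2


@dataclass
class Alert:
    event_id: int
    asset: str
    observable: str
    label: str
    severity: int


def correlate(events, indicators):
    """Raise one alert per (event, matching indicator). Events with no match stay
    plain events: they are stored, but nobody is paged for them."""
    alerts = []
    for e in events:
        for field, table in (("src_ip", indicators["ip"]), ("domain", indicators["domain"])):
            value = e.get(field)
            if value in table:
                label, severity = table[value]
                alerts.append(Alert(e["id"], e["asset"], value, label, severity))
    return alerts


def triage(alerts, threshold=ESCALATION_THRESHOLD):
    """Tier 1: group alerts per asset into one incident each and decide, from the
    highest severity in the group, whether it is escalated to Tier 2."""
    incidents = defaultdict(list)
    for a in alerts:
        incidents[a.asset].append(a)
    decisions = {}
    for asset, items in incidents.items():
        worst = max(a.severity for a in items)
        decisions[asset] = {
            "severity": worst,
            "alert_ids": [a.event_id for a in items],
            "action": "escalate_tier2" if worst >= threshold else "tier1_review",
        }
    return decisions


def score(events, alerts):
    """Confusion matrix of the detection against the analyst's ground truth:
    alerted+malicious=TP, alerted+benign=FP, silent+malicious=FN, silent+benign=TN."""
    alerted = {a.event_id for a in alerts}
    counts = Counter()
    for e in events:
        fired, bad = e["id"] in alerted, e["malicious"]
        counts["TP" if fired and bad else "FP" if fired else "FN" if bad else "TN"] += 1
    return dict(counts)


if __name__ == "__main__":
    alerts = correlate(EVENTS, INDICATORS)
    for a in alerts:
        print(f"alert: event {a.event_id} on {a.asset} matched {a.observable} ({a.label}, sev {a.severity})")
    for asset, d in triage(alerts).items():
        print(f"incident on {asset}: severity {d['severity']}, alerts {d['alert_ids']} -> {d['action']}")
    print("score:", score(EVENTS, alerts))
```

The scoring shows why indicator matching alone is not enough: the low-fidelity Tor-exit indicator produces a false positive on a benign page fetch, and the encoded PowerShell download on pc-fin-03 is a false negative because no indicator covers it, which is exactly the gap that behavioural rules and Tier 2 validation are meant to close.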

The course concludes with a 2-hour, 100-question multiple-choice examination that validates participants’ understanding of SOC fundamentals, the MSSGard SOC platform and basic cyber security and networking. Participants who pass the examination receive the ELITE Professional Certified SOC Analyst Certificate.