SOC Analyst Onboarding Formation

CECyber SOC Analyst Onboarding Formation

The program qualifies SOC analysts to respond to cyber attacks commonly encountered in companies. The scenarios aim to challenge students and give them practical experience in resolving an incident effectively.

Content

CompTIA Security+ (40h)*

Validates the basic skills needed to perform key security functions, such as installing and configuring systems to protect applications, networks and devices; performing threat analysis; participating in risk mitigation activities; and operating with knowledge of applicable policies, laws and regulations.

* Does not include voucher for the CompTIA certification test.

CECyber Range Experience (36h)

In SOC Onboarding Formation, the student will be exposed to 9 real cyber attack scenarios in the Cyberbit Range. These are practical classes, ranging from 3 to 6 hours each depending on the level of difficulty, that prepare the student to identify, contain and mitigate cyber incidents. Scenarios covered:

  • Web Defacement;
  • Apache Shutdown;
  • Trojan Data Leakage;
  • DDoS DNS Amplification;
  • WPAD Man-in-the-Middle;
  • SQL Injection;
  • DB Dump via FTP Exploit;
  • Java SendMail;
  • Ransomware.

Target Audience

Beginning SOC analysts.

Level of expertise

Beginner / intermediate.

Prerequisites

Basic knowledge of Information Technology, Computer Networks and Communication Protocols.

Duration

76 hours.

Format

In-person / Online.

Skills acquired

  • Familiarity with runbooks and corporate workflows;
  • Recognition of common threat behaviors and attack vectors;
  • Best practices for responding to cyber incidents;
  • Conducting forensic data collection and investigations after an attack;
  • Analysis of vulnerabilities in operating systems;
  • Operation of Cybersecurity tools, such as Firewall, SIEM, Monitoring System, IPS and IDS;
  • Configuration analysis of Web and E-mail servers;
  • Understanding the decision making process in cyber incidents;
  • Information retrieval in Ransomware scenarios;
  • Containment of data leaks and denial of service events.