Security Operation Centre: Network with Threat Detection and Analysis Training

Duration: 5 Days

Fortify your organization against advanced cyber threats with proactive security measures. A skilled SOC team, equipped with sophisticated detection and prevention technologies, is essential. This 5-day workshop provides a vendor-neutral understanding of network security threats, enabling you to create actionable intelligence and enhance your organization's cyber resilience.

Course Description

This 5-day workshop is designed to give participants a firm understanding of network security threats using vendor-neutral technology, and to show them how to create actionable intelligence that gives an organisation advance preparation for the attacks it is likely to face.

Target Audience

This course is intended for cyber security professionals, network and infrastructure security professionals and network administrators.

Course Outline

Day 1

  • Real-world cyber threat case study
  • Understanding cyber threats from a government standpoint
  • Understanding Security Operation Functionality
  • Understanding Security Operation Technology Requirements
  • SOC – Job Functions and Levels involved in operations
  • Incident Detection Methodology
  • Incident Detection Technology

Day 2

  • Understanding Logging Requirements
  • Understanding Large Data Requirements for Logging and Log Types
  • Understanding Big Data Concept and Mapping Government Log Management
  • Introduction to ELK - Elasticsearch / Logstash and Kibana
  • Government Log Management Solutions and Practices
  • SOC Case Study - Log Review Practices
  • Log Management Service Deployment Technologies

Day 3

  • Understanding Technological Risk
  • Risk Assessment and Risk Management
  • Mitigation Procedures
  • Fundamentals of PCAP analysis
  • Types of Capture Files and Their Usage
  • Lawful Interception vs Unlawful Interception
  • Decoding and Deciphering Packet Contents

Day 4

  • Understanding Firewall Technologies and Firewall Log output
  • Analysing Firewall Traffic
  • Understanding Intrusion Detection Systems
  • SNORT as an IDS/IPS
  • IDS/IPS Implementation Methodologies & Requirements
  • Understanding DMZ Event Logs (DNS / A / MX)
  • Network Topology Mapping

Day 5

  • Fundamentals of Incident Management
  • Incident Escalation and Incident Management Process
  • Applying Appropriate Controls in the SOC
  • Overview of TIA-942 Compliance in the SOC Datacentre
  • Security Policies & Requirements for SOC
  • SOC Management Process & Staffing Requirements
  • Incident Reporting Best Practices and Incident Post Mortem
  • Integrating Vendor Specific and Vendor Neutral Appliances in SOC

Prerequisites

Participants attending this course should have working knowledge in the following areas:

  • Fundamentals of Networking Technologies
  • Fundamentals of Linux Operating Systems
  • Knowledge of types of Attacks and Threats
  • Knowledge of a programming language (Python, Perl or C) would be an added advantage

We’re committed to helping you achieve your professional goals.
