KEMBAR78
SOC Engineer Training Guide | PDF | Incident Management | Computer Security
Scribd
Upload
257 views3 pages

SOC Engineer Training Guide

The document discusses the content of a SOC Engineer training course from Koenig. The course is suited for those seeking a career in cybersecurity, such as information security managers, SOC analysts and engineers, and IT professionals. The course covers key topics including SOC concepts, SIEM, log management, incident response plans, incident handling steps, and developing effective incident response teams. It aims to provide advanced skills for combating sophisticated cyber threats.

Uploaded by

NETRICH IT Solutions
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
257 views3 pages

SOC Engineer Training Guide

The document discusses the content of a SOC Engineer training course from Koenig. The course is suited for those seeking a career in cybersecurity, such as information security managers, SOC analysts and engineers, and IT professionals. The course covers key topics including SOC concepts, SIEM, log management, incident response plans, incident handling steps, and developing effective incident response teams. It aims to provide advanced skills for combating sophisticated cyber threats.

Uploaded by

NETRICH IT Solutions
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
You are on page 1/ 3

SOC COURSE CONTENT

Cyber attacks and intrusions are almost unfeasible to prevent, given the openness
of today’s networks and the growing sophistication of advanced threats. In
response, the practice of cyber security should focus on ensuring that intrusion and
compromise do not result in business damage or loss. SOC Engineer course from
Koenig will provide students with the advanced skills to combat advanced cyber
threats.

Who Should do the SOC Engineer [Security Operations Center] Training


Course?

SOC Engineer course is best suited for anyone who wants to establish his/her career
in cyber security. This course is recommended for the following professionals:

 Information security managers


 SOC Managers, Analysts & Engineers
 Information security architects
 IT managers
 Operations managers
 Risk management professionals
 IT/system administration/network administration professionals
 IT auditors
 Business continuity and disaster recovery staf

Course Content

Security Operations Center Concepts

o What is SOC
o Why is it required? (Objectives)
o SOC Infrastructure
o Log management
 Computer Security Log Management
 Log Management Infrastructure
 Log Management Planning
 Log Management Operational Process

SIEM (Security Information & Event Management)

o Introduction to SIEM
o SIEM Architecture
o Logs and Events
o Understanding logs, various formats
o Log Baselining
o Aggregation and normalization
o Event Collection and Event Correlation
o Correlation Rules
o IBM QRadar
 Components
 Installation & Deployment
 Initial Configuration
 Console Overview
 Lab
o ArcSight (MicroFocus)
 ArcSight Product Family
 Smart Connectors
 Logger
 ESM

Incident Response

o Incident Response Plan


 Purpose of Incident Response Plan
 Requirements of Incident Response Plan
 Preparation
o Incident Response and Handling Steps
 Step 1: Identification
 Step 2: Incident Recording
 Step 3: Initial Response
 Step 4: Communicating the Incident
 Step 5: Containment
 Step 6: Formulating a Response Strategy
 Step 7: Incident Classification
 Step 8: Incident Investigation
 Step 9: Data Collection
 Step 10: Forensic Analysis
 Step 11: Evidence Protection
 Step 12: Notify External Agencies
 Step 13: Eradication
 Step 14: Systems Recovery
 Step 15: Incident Documentation
 Step 16: Incident Damage and Cost Assessment
 Step 17: Review and Update the Response Policies
o Incident Management
 Purpose of Incident Management
 Incident Management Process
 Incident Management Team
o Incident Response Team
 Incident Response Team Members
 Incident Response Team Members Roles and Responsibilities
 Developing Skills in Incident Response Personnel
 Incident Response Team Structure
 Incident Response Team Dependencies
 Incident Response Team Services
 Defining the Relationship between Incident Response, Incident
Handling, and Incident Management
 Incident Response Best Practices
 Incident Response Policy
 Incident Response Plan Checklist

You might also like