Familiarity with Ethernet and TCP/IP networking.
Full-Time (Physical class & blended)
1 Week – Training
3 Weeks – Hands-on
Security Executive/Associate Security Analyst, Cyber Risk Analyst, Security Penetration Tester, Security Operation Analyst, Security Engineer
Able to manage day-to-day Security Operations Center (SOC) activities.
Able to apply the kill chain and the diamond models to incident investigations; use exploit kits based on threat actors.
Able to use Network Security Monitoring (NSM) tools.
Able to identify resources for hunting cyber threats and threat actors.
Able to identify and analyze security flaws in the TCP/IP protocol and how they can be used to attack networks and hosts.
Able to analyze and conduct security incident investigations; address the need for event data normalization and event correlation.
Able to identify and analyze the common attack vectors, compare malicious activities and compare patterns of suspicious behaviors.
Able to analyze and conduct security incident investigations.
Able to use a typical security playbook in the SOC and produce SOC metrics to measure the effectiveness of the SOC.
Able to apply a workflow management system and automation to improve the effectiveness of the SOC.