SOC WITH IBM QRADAR, SPLUNK & RAPID-7

80-hours

SECURITY OPERATIONS CENTER ANALYST

The most practical and extensive training course on Security Operations and Incident Response

IT Security Professionals have chosen “TECH GEEK” as their best cybersecurity training provider. We have trained professionals who are working in Fortune 500 companies and leading organizations across 100+ countries around the globe.

List of SOC with IBM QRadar, Splunk & Rapid-7 Topics

-> Fundamentals of Networking and Data Communications

  • IP Classifications
  • OSI Layers
  • MAC/Switch/Router/HUB
  • NAT/PAT
  • Ports/Protocols
  • Subnetting
  • TCP/UDP
  • Network Topology
  • Network Architecture
  • Encoding
  • Encryption
  • Hashing
  • Multicasting/Unicasting/Broadcasting
  • TCP 3-Way Handshake

-> Introduction to SOC

  • SOC Overview
  • Importance of SOC
  • Benefits of SOC

-> Insights into Cyber Threats

  • Network Level Threats
  • Web App Level Threats
  • Host Level Threats

-> Understanding Events and Logging Mechanisms

  • What Are Logs
  • Local Vs Centralized Logging
  • Exploration of Various Logs

-> SOC Analysis Using IBM QRadar:

  • Investigating Logs
  • Investigating Flows
  • Dashboard Creation
  • Asset Management
  • Report Generation
  • Exploring Rules and Building Blocks

-> IBM QRadar Advanced Concepts:

  • Offense Management
  • Customizing/Optimizing Rules and Building Blocks
  • Device Support Modules

-> Splunk Fundamentals

  • Data Ingestion
  • Splunk Apps and Addons
  • Splunk Data Models
  • Basic Searching

-> SOC Analysis Using Splunk

  • Data Visualization with Pivots and Databases
  • Search Processing Language Basics
  • Splunk Knowledge Objects
  • Generating Alerts

-> Incident Response Activities:

  • Incident Response Fundamentals
  • Incident Response and Security Operations Integration

Shaik Iftekhar

Instructor

A cyber security practitioner with over 12 years of experience in designing, managing and implementing security solutions. I served as the technical lead on complex projects for the Government, Banking, Healthcare and Private sectors.

COURSE DESCRIPTION

The SOC (Security Operations Center) Analyst role offers comprehensive visibility into network, user, and application activities. SIEM enables the collection, normalization, correlation, and secure storage of events, flows, asset profiles, and vulnerabilities. It also identifies suspected attacks and policy violations as offenses within the QRadar, Splunk, Rapid-7 SIEM platform. Security Operations Centers play a crucial role in monitoring and detecting threats to organizations.

In the SOC Analyst training, participants will gain proficiency in navigating the user interface and conducting investigations into offenses. They will learn to search, analyze, and investigate suspicious activities. The training includes lab exercises that provide hands-on experience in the day-to-day work of an IT Security Analyst operating the QRadar, Splunk, Rapid-7 platform.


WILL I GET A CERTIFICATE?

Once you satisfy the requirements of the final practical certification test, you will be awarded a “Security Operations Center Analyst” certificate and will hold the SOC certification.
