Looking for Global training? Go to https://firebrand.training/en or stay on the current site (Danmark)
Part of the BPP Education Group
89 88 66 05
EC-Council - Certified SOC Analyst (CSA)
Overview
On this accelerated EC-Council Certified SOC Analyst (CSA) course, you'll learn to identify, monitor and analyse cyber-attacks, and use the information to quickly respond to security incidents.
In just 2 days, you'll build the skill-set you need to work effectively within a security operations centre (SOC). You'll also learn about security information and event management (SIEM), deployment and architecture.
At the end of your course, you'll sit Exam 312-39 and return to the office an EC-Council Certified SOC Analyst (CSA).
On this accelerated course, you'll learn how to:
- Recognise attacker tools, behaviours, tools and procedures
- Use the Centralised Log Management (CLM) process
- Make use of constantly changing threat information
If you're an aspiring SOC analyst or already are one at a Tier 1 and Tier 2 level, this course is ideal for you.
This course is also designed for security professionals who handle and manage network security operations, like network and security administrators or engineers, or network security operators.
You’ll train at twice the speed with Firebrand's unique Lecture | Lab | Review methodology. Learn in a distraction-free environment and become an EC-Council Certified SOC Analyst (CSA) in just 2 days.
Four reasons why you should sit your EC-Council CSA course with Firebrand Training
- You'll be EC-Council CSA trained and certified faster. Learn more on this 2-day accelerated course. You'll get at least 12 hours a day of quality learning time in a distraction-free environment
- Your EC-Council CSA course is all-inclusive. One simple price covers all course materials, exams, accommodation and meals – so you can focus on learning
- Pass EC-Council CSA first time or train again for free. Your expert instructor will deliver our unique accelerated learning methods, allowing you to learn faster and be in the best possible position to pass first time. In the unlikely event that you don't, it's covered by your Certification Guarantee
- Study EC-Council CSA with an award-winning training provider. We've won the Learning and Performance Institute's "Training Company of the Year" three times. Firebrand is your fastest way to learn, with 134.561 students saving more than one million hours since 2001
Curriculum
Module 1: Security operations and management
- Understand the SOC Fundamentals
- Discuss the components of SOC: People, processes and technology
- Understand the implementation of SOC
Module 2: Understanding cyber threats, IoCs, and attack methodology
- 2.1 Describe the term cyber threats and attacks
- 2.2 Understand the Network Level attacks
- 2.3 Understand the Host Level attacks
- 2.4 Understand the Application Level attacks
- 2.5 Understand the Indicators of Compromise (IoCs)
- 2.6 Discuss the attacker’s Hacking Methodology
Module 3: Incidents, events and logging
- 3.1 Understand the fundamentals of incidents, events, and logging
- 3.2 Explain the concepts of local logging
- 3.3 Explain the concepts of centralised logging
Module 4: Incident detection with Security Information and Event Management (SIEM)
- 4.1 Understand the basic concepts of Security Information and Event Management (SIEM)
- 4.2 Discuss the different SIEM Solutions
- 4.3 Understand the SIEM Deployment
- 4.4 Learn different use case examples for Application Level Incident Detection
- 4.5 Learn different use case examples for Insider Incident Detection
- 4.6 Learn different use case examples for Network Level Incident Detection
- 4.7 Learn different use case examples for Host Level Incident Detection
- 4.8 Learn different use case examples for Compliance
- 4.9 Understand the concept of handling alert triaging and analysis
Module 5: Enhanced incident detection with threat intelligence
- 5.1 Learn fundamental concepts on threat intelligence
- 5.2 Learn different types of threat intelligence
- 5.3 Understand how threat intelligence strategy is developed
- 5.4 Learn different threat intelligence sources from which intelligence can be obtained
- 5.5 Learn different Threat Intelligence Platform (TIP)
- 5.6 Understand the need of threat intelligence-driven SOC
Module 6: Incident response
- 6.1 Understand the fundamental concepts of incident response
- 6.2 Learn various phases in Incident Response Process
- 6.3 Learn how to respond to Network Security Incidents
- 6.4 Learn how to respond to Application Security Incidents
- 6.5 Learn how to respond to Email Security Incidents
- 6.6 Learn how to respond to Insider Incidents
- 6.7 Learn how to respond to Malware Incidents
Exam Track
You'll sit the following exam at the Firebrand Training centre, covered by your Certification Guarantee:
- EC-Council Certified SOC Analyst (CSA) - Exam 312-39
- Exam format: Multiple-choice
- Exam duration: 120 minutes
- Number of questions: 100
- Passing score: 70%
- Language: English
- Domains:
- 1: Security operations and management (5%)
- 2: Understanding cyber threats, IoCs, and attack methodology (11%)
- 3: Incidents, events and logging (21%)
- 4: Incident detection with Security Information and Event Management (SIEM) (26%)
- 5: Enhanced incident detection with threat intelligence (8%)
- 6: Incident response (29%)
What's Included
Your accelerated course includes:
- Accommodation *
- Meals, unlimited snacks, beverages, tea and coffee *
- On-site exams **
- Exam vouchers **
- Practice tests **
- Certification Guarantee ***
- Courseware
- Up-to 12 hours of instructor-led training each day
- 24-hour lab access
- Digital courseware **
- * For residential training only. Accommodation is included from the night before the course starts. This doesn't apply for online courses.
- ** Some exceptions apply. Please refer to the Exam Track or speak with our experts
- *** Pass first time or train again free as many times as it takes, unlimited for 1 year. Just pay for accommodation, exams, and incidental costs.
Prerequisites
Before attending this accelerated course, you should have 1 year of work experience in network admin or security.
Are you ready to get certified in record time?
We interview all applicants for the course on their technical background, degrees and certifications held, and general suitability. If you get through this screening process, it means you stand a great chance of passing.
Firebrand Training is an immersive training environment. You must be committed to the course. The above prerequisites are guidelines, but many students with less experience have other background or traits that have enabled their success in accelerated training through Firebrand Training.
If you have any doubts as to whether you meet the pre-requisites please call 89 88 66 05 and speak to one of our enrolment consultants, who can help you with a training plan.
Reviews
We've currently trained 134.561 students in 12 years. We asked them all to review our Accelerated Learning. Currently,
96,41% have said Firebrand exceeded their expectations:
"The course was very useful and was taught by a knowledgeable instructor"
Sola Ayoola, Pennon Group. (31/7/2023 (Monday) to 1/8/2023 (Tuesday))
"The course was very useful and was taught by a knowledgeable instructor"
Sola Ayoola, Pennon Group. (31/7/2023 (Monday) to 1/8/2023 (Tuesday))
"Great 4 days of in-person training. The trainer was knowledgeable and brought a wealth of real world examples to what would have been otherwise a very theoretical training course."
Ian Smith, DWP. (8/1/2024 (Monday) to 11/1/2024 (Thursday))
"I attended the CND course which was online-led. This course was delivered very well allowing me to develop my knowledge in the related topics. Despite being online, I felt involved and felt as if I could ask any questions at any time."
Molly Macuras, Electricity North West Limited. (8/1/2024 (Monday) to 11/1/2024 (Thursday))
"The course was very informative and helped introduce us to the material. Instructor was very attentive and showed us many practical examples also."
SON, Lloyds. (3/10/2023 (Tuesday) to 6/10/2023 (Friday))