EC-Council Certified SOC Analyst® (CSA® v2)

On this accelerated EC-Council Certified SOC Analyst® (CSA®) v2 course, you’ll gain the skills to identify, monitor, and respond to increasingly sophisticated cyber threats across on-premises and cloud environments.

Now aligned with CSA v2, this course goes beyond Tier 1 and Tier 2 SOC analyst skills to include Tier 3-level capabilities, such as threat hunting, malware analysis, and digital forensics.

In just 3 days, you’ll build a comprehensive skill set to operate effectively in a modern Security Operations Centre (SOC), including advanced use of AI/ML for threat detection, cloud security monitoring, and automated alert triage. You’ll also prepare for and sit Exam 312-39, returning to work as a Certified SOC Analyst equipped with cutting-edge, real-world skills.

This course is also designed for security professionals who handle and manage network security operations, like network and security administrators or engineers, or network security operators.

With Firebrand's unique Lecture | Lab | Review method, you'll become competent, confident, and certified faster than with traditional training. Learn in a distraction-free environment and become an EC-Council Certified SOC Analyst (CSA) in just 3 days.

Module 01: Security Operations and Management

Learn how a SOC enhances an organization’s security management to maintain a strong security posture, focusing on the critical roles of people, technology, and processes in its operations.

Module 02:Understanding Cyber Threats, IoCs, and Attack Methodology

Learn various cyberattacks, their IoCs, and the attack tactics, techniques, and procedures (TTPs) cybercriminals use.

Module 03: Log Management

Learn log management in SIEM, including how logs are generated, stored, centrally collected, normalized, and correlated across systems.

Module 04: Incident Detection and Triage

Learn SIEM fundamentals, including its capabilities, deployment strategies, use case development, and how it helps SOC analysts detect anomalies, triage alerts, and report incidents.

Module 05: Proactive Threat Detection

Learn the importance of threat intelligence and threat hunting for SOC analysts and how its integration with SIEM helps reduce false positives and enables faster, more accurate alert triage.

Module 06: Incident Response

Learn the stages of incident response and how the IRT collaborates with SOC to handle and respond to escalated incidents.

Module 07 Forensics Investigation and Malware Analysis

Learn the importance of forensic investigation and malware analysis in SOC operations to understand attack methods, identify IoCs, and enhance future defenses.

Module 08 SOC for Cloud Environments

Learn the SOC processes in cloud environments, covering monitoring, incident detection, automated response, and security in AWS, Azure, and GCP using cloud-native tools.

You'll sit the following exam at the Firebrand Training Centre, covered by your Certification Guarantee:

EC-Council Certified SOC Analyst® (CSA® v2) Exam 312-39

• Exam format: Multiple-choice
• Exam duration: 120 minutes
• Number of questions: 100
• Passing score: 70%
• Language: English
• Domains:
  • Domain 1: Security Operations and Management (5%)
  • Domain 2: Understanding Cyber Threats, IoCs, and Attack Methodology (8%)
  • Domain 3: Log Management (15%)
  • Domain 4: Incident Detection and Triage (25%)
  • Domain 5: Proactive Threat Detection (12%)
  • Domain 6: Incident Response (25%)
  • Domain 7: Forensics Investigation and Malware Analysis (5%)
  • Domain 8: SOC for Cloud Environments (5%)

Before attending this accelerated course, you should have 1 year of work experience in network admin or security.

Your accelerated course includes:

• Accommodation *
• Meals, unlimited snacks, beverages, tea and coffee *
• On-site exams **
• Exam vouchers **
• Practice tests **
• Certification Guarantee ***
• Courseware
• Up to 12 hours of instructor-led training each day
• 24-hour lab access
• Digital courseware **

* For residential training only. Accommodation is included from the night before the course starts. This doesn't apply to online courses.
** Some exceptions apply. Please refer to the Exam Track or speak with our experts.
*** Pass the first time or train again for free as many times as it takes, unlimited for 1 year. Just pay for accommodation, exams, and incidental costs.

Seven reasons why you should sit your course with Firebrand Training

• Two training options. Choose between residential classroom-based and online courses
• You'll be certified fast. With us, you’ll be trained in record time
• Our course is all-inclusive. A one-off fee covers all course materials, exams**, accommodation* and meals*. No hidden extras.
• Pass the first time or train again for free. This is our guarantee. We’re confident you’ll pass your course the first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
• You’ll learn more. A day with a traditional training provider generally runs from 9am–5pm, with a nice long break for lunch. With Firebrand, you’ll get at least 12 hours/day of quality learning time with your instructor
• You’ll learn faster. Chances are, you’ll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
• You’ll be studying with the best. We’ve been named in the Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified over 135,000 professionals

*For residential training only. Doesn't apply for online courses
**Some exceptions apply. Please refer to the Exam Track or speak with our experts

Are you ready for the course? 

Get access to free practice tests for your course  Free Practice Test