Skip links

SOC-200: Security Operations and Defensive Analysis

Because we know just how hard it is to get the size.

Training
Certificate

SOC-200: Security Operations and Defensive Analysis

Course Information

Course Name

SOC-200: Security Operations and Defensive Analysis

Exam code

OSDA

Duration

5 Days

Certification

Overview

The Security Operations and Defensive Analysis (SOC-200) course delves into the foundations of defending networks and systems against cyber threats. Learners gain practical experience within a hands-on, self-paced environment designed to teach the fundamental concepts of SOC operations.
Individuals completing the online training course and passing its rigorous exam, earn the OffSec Defense Analyst (OSDA) certification. This SOC Analyst certification demonstrates your ability to detect, analyze, and assess a potential security incident through live exercises. The OSDA stands out in the cybersecurity field, reflecting a commitment to hands-on defensive skills sought after by employers.

Overview

Overview

The Security Operations and Defensive Analysis (SOC-200) course delves into the foundations of defending networks and systems against cyber threats. Learners gain practical experience within a hands-on, self-paced environment designed to teach the fundamental concepts of SOC operations.
Individuals completing the online training course and passing its rigorous exam, earn the OffSec Defense Analyst (OSDA) certification. This SOC Analyst certification demonstrates your ability to detect, analyze, and assess a potential security incident through live exercises. The OSDA stands out in the cybersecurity field, reflecting a commitment to hands-on defensive skills sought after by employers.

Audience Profile

The SOC-200 certification course is ideal for security professionals seeking to enhance their defensive analysis and response skills and earn the OSDA. It’s designed for individuals who have a solid foundation in networking and basic familiarity with Linux and Windows systems.

While there are no formal prerequisites, it’s strongly recommended that you have:

  • A solid foundation in TCP/IP networking
  • Familiarity with Linux and Windows operating systems
  • Basic understanding of cybersecurity concepts

Upon completing SOC-200 and successfully passing the OSDA exam, you’ll have mastered core defensive methodologies, including:

  • Security monitoring and log analysis
  • Incident detection and threat identification
  • Triaging and escalating events
  • Incident response process and procedures
  • Network and host-based forensics (basics)

Course Outline

Build a foundation for understanding attacker behaviors and how to anticipate their moves in penetration testing engagements

Discover common vulnerabilities in Windows endpoints and the attack vectors adversaries use to target them

Learn methods commonly used to exploit critical services and vulnerabilities on compromised Windows servers

Analyze browser-based attacks, vulnerabilities in software, and social engineering techniques attackers use to compromise user-facing sides of Windows systems

Exploit misconfigurations, software flaws, and zero-day vulnerabilities to increase your level of network control

Explore file system persistence, registry modifications, scheduled tasks, and other methods to retain the upper hand on attackers trying to stay hidden on compromised Windows systems

Get familiar with common attack vectors used to target Linux endpoints, their security mechanisms, and potential vulnerabilities

Understand how adversaries compromise Linux servers through privilege escalation methods, service exploits, and configuration weaknesses

Refine your evasion strategies by using firewalls, intrusion detection systems, and other tools to identify malicious activities

Use advanced methods for evading antivirus solutions and minimize your digital footprint with techniques like payload obfuscation and exploit customization

Avoid being detected by defensive technologies while making lateral network moves using covert communication methods and tunneling techniques

Uncover potential attack paths with methods and tools that gather information about Active Directory’s structure, users, groups, and permissions

Leverage compromised credentials, remote execution, and network pivoting to expand control in Windows environments post-exploit

Explore hidden accounts, service manipulation, and other methods of blending into network fabrics using the same techniques as attackers

Building an ELK SIEM: Get hands-on with setting up a SIEM solution using the ELK stack (Elasticsearch, Logstash, and Kibana). Learn how to install, configure, and integrate these components to start collecting and analyzing security logs

Operationalizing Your SIEM: Discover how to effectively manage and use your ELK SIEM deployment. Learn to collect logs from various sources, normalize data, create insightful dashboards, and set up alerts to proactively detect a security incident

Course Price

RM10,500.00 exc. 8% tax

Training Dates

Product price:RM10,500.00 exc. 8% tax
Total options:
Order total:
Fill up the form for enquiry