This comprehensive 11-hour 51-minute course from TCM Security provides foundational training for Security Operations Center (SOC) analysts. Learn essential SOC skills through hands-on instruction covering lab setup, security operations fundamentals, phishing analysis, network security monitoring, and endpoint security. Begin with setting up a virtual lab environment using VirtualBox with Windows and Ubuntu, then progress through SOC fundamentals including roles, incident management, metrics, and common threats. Dive deep into phishing analysis with email header examination, URL analysis, and attachment investigation techniques. Master network security tools like tcpdump, Wireshark, and Snort for traffic analysis and intrusion detection. Explore endpoint security controls and even create test malware in a controlled environment. Access additional resources including a GitHub repository with reference materials to supplement your learning. Perfect for aspiring SOC analysts preparing for entry-level positions or security professionals looking to enhance their defensive skills.
Overview
Syllabus
00:00 - Introduction
00:01:47- Flare Intro ad
07:00 - Course Objectives
10:23 - Prerequisites and Course Resources
16:05 - Installing Oracle VM VirtualBox
20:57 - Installing Windows
33:06 - Configuring Windows
43:22 - Installing Ubuntu
55:58 - Configuring Ubuntu
1:01:44 - Configuring the Lab Network
1:07:06 - The SOC and Its Role
1:25:46 - Information Security Refresher
1:48:40 - SOC Models, Roles, and Organizational Structures
2:00:09 - Incident and Event Management
2:07:35 - SOC Metrics
2:13:34 - SOC Tools
2:29:48 - Common Threats and Attacks
2:46:47 - Introduction to Phishing
3:00:51 - Email Fundamentals
3:13:25 - Phishing Analysis Configuration
3:19:30 - Phishing Attack Types
3:35:47 - Phishing Attack Techniques
3:50:47 - Email Analysis Methodology
3:56:27 - Email Header and Sender Analysis
4:17:51 - Email Authentication Methods
4:35:18 - Email Content Analysis
4:48:07 - The Anatomy of a URL
4:57:36 - Email URL Analysis
5:18:27 - Email Attachment Analysis
5:33:06 - Dynamic Attachment Analysis and Sandboxing
5:54:25 - Flare Middle ad
5:56:06 - Static MalDoc Analysis
6:03:00 - Static PDF Analysis
6:13:47 - Automated Email Analysis with PhishTool
6:19:58 - Reactive Phishing Defense
6:47:24 - Proactive Phishing Defense
7:00:43 - Documentation and Reporting
7:12:35 - Additional Phishing Practice
7:16:29 - Introduction to Network Security
7:22:07 - Network Security Theory
7:52:04 - Packet Capture and Flow Analysis
8:03:54 - Introduction to tcpdump
8:19:28 - tcpdump: Capturing Network Traffic
8:33:44 - tcpdump: Analyzing Network Traffic
8:47:32 - tcpdump: Analyzing Network Traffic Sample 2
9:02:17 - Introduction to Wireshark
9:18:09 - Wireshark: Capture and Display Filters
9:30:08 - Wireshark: Statistics
9:42:05 - Wireshark: Analyzing Network Traffic
10:01:34 - Intrusion Detection and Prevention Systems
10:09:15 - Introduction to Snort
10:26:52 - Snort: Reading and Writing Rules
10:51:36 - Snort: Intrusion Detection and Prevention
11:12:30 - Additional Network Traffic Analysis Practice
11:15:43 - Introduction to Endpoint Security
11:20:25 - Endpoint Security Controls
11:33:40 - Creating Our Malware
11:47:27 - Flare Outro Ad
11:49:04
Taught by
The Cyber Mentor
Related Courses
-
Monitoring, Logging and Responding to Incidents
-
Snort Intrusion Detection, Rule Writing, and PCAP Analysis
-
Network Security Analysis Using Wireshark, Snort, and SO
-
Advanced Network Security and Analysis
-
Cyber security SOC Phishing analysis from Scratch
-
ChatGPT for SOC Analyst - Master Cyber Security with AI
