EC-Council Certified SOC Analyst (CSA)

Enterprises require cutting-edge cybersecurity solutions in addition to more conventional forms of defense to manage sophisticated threats. Incorporating a security operations center (SOC), along with good cybersecurity best practices, have become workable solutions. A SOC analyst continuously scans for potential risks, identifies them, prioritizes the warnings, and escalates them as necessary. Processes like monitoring, detection, analysis, and triaging lose effectiveness without a SOC analyst, which ultimately has a detrimental effect on the company.

• Security Operations and Management

  • Fundamentals of SOCs

  • SOC components (people, processes, technology)

  • SOC workflow, implementation, and maturity models

• Cyber Threats, IoCs, and Attack Methodology

  • Cyber threats and attack types

  • Network, host, and application-level attacks

  • Identifying indicators of compromise (IoCs)

  • Attacker tools, tactics, and procedures

• Incidents, Events, and Logging

  • Concepts of security incidents, events, and logging

  • Local vs. centralized logging

• Incident Detection with SIEM

  • SIEM concepts and deployment

  • Overview of SIEM solutions

  • Incident detection and event correlation with SIEM

• Enhanced Incident Detection with Threat Intelligence

  • Fundamentals and types of threat intelligence

  • Developing and applying threat intelligence strategies

• Incident Response

  • Incident response fundamentals and phases

  • Responding to network security incidents

  • Use of EDR and XDR tools in incident handling

The EC-Council Certified SOC Analyst (CSA) certification is designed for:

• Network and Security Administrators
• Network and Security Engineers
• Network Defense Analyst
• Network Defense Technicians
• Network Security Specialist
• Network Security Operator
• Any security professional handling network security operations

1. Attend EC-Council Certified SOC Analyst (CSA)
2. Pass the following exams:

• CSA (312-39)