Information Security Operations Center ISOC for Non-Techies

Become a Cyber Security Specialist, Build technical capability in ethical hacking & web application security

Ratings: 4.02 / 5.00




Description

An information security operations center (ISOC or SOC) is a facility where enterprise information systems (web sites, applications, databases, data centers and servers, networks, desktops and other endpoints) are monitored, assessed, and defended.

Have you ever wondered exactly how hackers 'hack'? Do words like firewalls, encryption, bio-metrics and malware sound confusing to you? Have you been looking for a course that teaches you all the basics of both information and cyber security in a fun relaxed manner? If so then you are going to find this course absolutely perfect for you.

This is a course that is perfect as an introductory one for individuals and students who are interested in becoming cyber security or information security professionals. It is also ideal for students who just want to have a well rounded knowledge about the basic concepts used in the world of information security.


PERFECT FOR COMPLETE BEGINNERS

This course is intended primarily for students who have little to no prior background or knowledge about the field of cyber security.

Course Curriculum

In the very first section, we will cover the basic terminologies used and discuss topics like the trinity of IT security and computer protocols.


Section 1:

You will learn the background of Cybersecurity & Hacking. You will learn what is cyber-security and the growing demand

for professionals. You will have clarity on what is a basic network, cia triad,essential terminologies used etc. You will go through an introduction to kali linux operating system in this section


Section 2:

You will gain insights on what is cyber security, what are the components, why you should choose this as a career. You will understand that cyber security is about protecting systems, networks, programs, data and money.


Section 3:

You will have an increased awareness of hacking as a profession, they will go through data breaches occurring in Yahoo, Equifax, Target stores, Sony's play station network etc. You can understand how hacking can be as a profession, types of hackers, what is information risk management regime, companies with data breaches.


Section 4:

You will go through an introduction of what a security operations center is, what are the branches within cyber security

and the various job roles available within cyber security


Section 5:

You will understand network concepts, network topologies and layered communication in this course


Section 6:

We start off where we left, in the previous section 5 we dealt with the fundamental concepts such as Basic Network, CIA Triad, Network concepts, Security Operations Center and Job Roles. Section 6 starts with a refresher on network concepts, topologies etc and connects you to the previous section.


Section 7&8:

These two sections give a good insight on the OSI Model and all the Layers:

a)Physical layer b)Data link layer c)Network layer d)Transport layer e)Layered packet format f)Flow control g)Error control

f)Connection-orientedness vs connectionless g)Session layer and responsibilities h)Presentation layer and its

responsibilities i)Summary of layers


Section 9:

In this section you will learn important concepts like TCP/IP protocol suite and Domain name system hierarchy.


Section 10: Components of Hacking:

Reconnaissance

Scanning

Gaining access

Maintaining access

Clearing tracks


Section 11: Ethical hacking Mindmap

Ethical hacking

Places of ethical hacking

Mind map


Section 12: DoS and DDoS

Denial of services

Symptoms of dos attack

Slow performance

Increase in spam emails

Unavailability of a resource

Loss of access to a website

Denial of access to any internet services

Distributed denial of services (DDoS)

DoS/DDoS attack techniques

Land and flood attacks

Service request floods


Section 13: SYN flooding attach using hping3


Section 14: Hacking : Counter Measures Strategies

Counter-measures

DoS/DDoS countermeasure strategies

Detech and neutralize handlers

Monitoring the activities running on a system of network

Deflect attacks by load balancing

Mitigate attacks disabling unnecessary services

Intrusion detection systems

Wavelet analysis


Section 15: Metasploit test

Metasploit is so popular is the wide range of tasks that it can perform to ease the work of penetration testing to make

systems more secure. Metasploit is available for all popular operating systems.

Vulnerability

Exploit

Payload

Meterpreter


Section 16: Maltego Tool Demo

You will go through a demo of the maltego community edition 4.2.4


Section 17: Cyber kill chain methodology

You will gain insights on cyber kill chain methodology and how a traditional kill chain model works: recon,weaponize, deliver, exploit, install, c2, actions.


Section 18:

You will build their capability in information security attack vectors, phishing techniques, whaling and phishing mitigation. You will understand the types of ransom-wares, how crypto ransomware works, you will go through a real world example of a ransomware attack on the Bristol airport screens.


Section 19 & 20:

You will understand the various mitigation strategies, phishing & firewalls, intrusion detection and prevention systems. You will gain knowledge on zero-day exploit, malware and its types, man in the middle (mitm) attack and web application security.


Section 21:

You will gain real time insights on Security information and event management and Security event manager


Section 22:

You will identify threats and possible breaches and collect audit logs for security and compliance. You will be able to conduct investigations and provide evidence.


Section 23:

You will learn that Defense in Depth (DiD) is an approach to cybersecurity in which a series of defensive mechanisms are layered in order to protect valuable data and information.


Section 24:

You can understand how an attacker can come in and tries to understand how a corporate environment is setup of a target.


Section 25:

You will learn what SIEM and Log Management mean for businesses & how to use them more effectively to mitigate risk for your company.


Section 26:

You will learn that SIEM is necessary because of the rise in data breaches and to meet stringent compliance requirements


Section 27:

Learn the right approach to building SIEM use cases, how to organize and prioritize use cases effectively.


Section 28:

You will learn the SIEM elements, Big 3, Process flow, Features, Event life cycle, SOC controls and mgmt, SIEM architecture, Dashboards and Use cases


Section 29:

You will revisit features of SIEM and learn SIEM deployment options like self-hosted, self-managed to Hybrid-model, Jointly-managed. You will understand the business benefits of SIEM.


Section 30:

SIEM Essentials Quiz


Who this course is for:

  • Students who want to learn the basics of computer and cyber security

  • Students who want to become IT or Cyber Security Experts


Testimonials:

Perfect Beginning for a new learner ~ Sairam Chaganti

The resource links shared are very useful ~ Mohammed M. Goni

Just Good ~ TazQ

The course is packed with information that is very easy to follow for a beginner, I definitely feel like I'm learning something new with every video I watch :) ~ Kory Williams

Very useful course, i leaned a lot from it , i really like it , i recommend this instructor ! ~ Souha Djim

Good for a beginner ~ Goli Uma Sankar

Très bon travail. Merci (Very good work. Thanks) ~ Mohamed ABDOU

What You Will Learn!

  • You will learn the background of Cybersecurity & Hacking.
  • You will have an increased awareness of hacking as a profession, You will go through data breaches occurring in different corporates
  • You will go through an introduction of what a security operations center is, what are the branches within cyber security and the various job roles available
  • You will understand network concepts, network topologies and layered communication in this course
  • You will start using Maltego Tool after you go through a demo of the Maltego community edition 4.2.4.
  • You can formulate various mitigation strategies, phishing & firewalls, intrusion detection and prevention systems.
  • You can give insightful talks on zero-day exploit, malware and its types and man in the middle (mitm) attack
  • You will learn the OSI Model, various mnemonics, protocol data units etc.
  • You will learn the different components of Hacking: Reconnaissance, Scanning, Gaining access, Maintaining access & Clearing tracks.
  • You will feel confident and comfortable with cyber kill chain methodology and how a traditional kill chain model works
  • You will build your capability in information security attack vectors, phishing techniques, whaling and phishing mitigation.
  • Introduction to SIEM: You will gain real time insights on Security information and event management and Security event manager
  • You will identify threats and possible breaches and collect audit logs for security and compliance.
  • You will learn that Defense in Depth (DiD) is an approach to cybersecurity in which a series of defensive mechanisms are layered
  • You can understand how an attacker can come in and tries to understand how a corporate environment is setup of a target.
  • You will learn what SIEM and Log Management mean for businesses & how to use them more effectively to mitigate risk for your company.
  • You will learn that SIEM is necessary because of the rise in data breaches and to meet stringent compliance requirements
  • Learn the right approach to building SIEM use cases, how to organize and prioritize use cases effectively.
  • You will learn the SIEM elements, Big 3, Process flow, Features, Event life cycle, SOC controls and mgmt, SIEM architecture, Dashboards and Use cases
  • You will revisit features of SIEM and learn SIEM deployment options
  • SIEM Essentials Quiz
  • You will learn the fundamentals of IP using a network simulation tool demo
  • You will have a Complete Hands-on on Exploit Database, Online Cameras, People Search, DNS Search, Pastebin etc
  • You will go through a demo on how to install and use Splunk Enterprise Security

Who Should Attend!

  • Those who are interested in a career in cyber security and ethical hacking
  • This course is for Beginners and not for advanced audience. Hence the faculty explains each concept in detail and demonstrates with relevant tools where required.