SOC_Analyst_Training_InfosecTrain_v3

The SOC Analyst training course provides comprehensive instruction on information security and advanced threat-hunting techniques, covering essential topics such as SIEM operations, malware analysis, and digital forensics. Participants will gain hands-on experience with various tools and methodologies, preparing them for roles in cybersecurity. The course is designed for individuals with a basic understanding of networking and information security, aiming to equip them with the skills needed to effectively monitor and manage cyber threats.

SOC Analyst (Security Operations Center) Hands-on Training

www.infosectrain.com version 3.0


Tools Covered

ITSM Tools
Nmap
Metasploit
Splunk
Wireshark
CyberChef
Microsoft Sysinternals
Terminal/Shell
Maltego
AlienVault
MISP
FTK Imager
Wazuh
MxToolbox
MITRE ATT&CK Navigator
Volatility
Many more...


Course Highlights

48-Hour Instructor-led Training
Real-time Attack Simulations
Access to Exclusive Tools
Case Study based Learning
Project Integration
Access to Recorded Sessions
Practical Approach
Real-world Scenarios
Interview Preparation


About Course

As cyber threats become increasingly sophisticated, organizations require skilled professionals to safeguard their systems and data. The SOC (Security Operations Center) Analyst training course bridges this critical skills gap by offering an in-depth curriculum that spans from the essentials of information security to advanced threat-hunting techniques.

Participants will explore critical areas such as SIEM operations, vulnerability management, malware analysis, and digital forensics, complemented by practical exposure to leading tools like Splunk, Wireshark, and MISP. This program emphasizes theoretical foundations and integrates hands-on labs that simulate real-world scenarios, equipping learners with the expertise to detect, analyze, and respond to complex cyber incidents effectively.


Course Objectives

Understand the core principles of Information Security, including confidentiality, integrity, availability, non-repudiation, and managerial, technical, and operational security controls.
Gain expertise in Security Operations Center (SOC) workflows, roles, and technologies to monitor and manage cyber threats effectively.
Master the techniques for identifying and mitigating cyber threats like malware, ransomware, and Advanced Persistent Threats (APTs).
Develop proficiency in vulnerability assessment and management, covering the complete lifecycle from asset identification to risk mitigation.
Acquire hands-on experience in log management and analysis using tools like Splunk to detect anomalies and secure infrastructure.
Build advanced skills in malware analysis, digital forensics, and incident response to investigate, contain, and remediate sophisticated cyber attacks.


Target Audience

Technical Support Engineers
System Administrators
Security Consultants
Cyber Security Analysts
Network Engineers
Network Architects or Admins
Security System Engineers
SOC Analysts (L1 & L2)
Information Security Researchers
Aspiring Information Security Professionals
Anyone Who Wants to Become a SOC Analyst

Pre-requisites

Basic Knowledge of:
Networking fundamentals
OS basics & Troubleshooting (recommended)
Basics of Information Security
Basics of Cyber World & Security
Beginner or Fresher for SOC Operations Centre
Working in an Information Security Role


Our Expert Instructors

SANYAM NEGI, 10+ Years of Experience
CEH | CSA | CND | CHFI | CTIA | CCISO | Security+ | Pentest+ | CySA+

An Information Security Consultant & Trainer with over 10 years of hands-on experience, specializing in Security Operations Center, Threat Hunting and DevOps, Web Application Security, Vulnerability Assessment, and Incident Handling & Response, among others.

Sanyam is proficient in crafting customized training programs and courseware focused on Security Solutions, with extensive expertise in consulting a diverse clientele on cyber security and information security strategy. He has an outstanding track record of high exam success rates for professionals. His penchant for teaching with examples and simplifying complex topics is his key strength.

ABHISHEK SHARMA, 10+ Years of Experience
ISO 27001 LA | ISO 27001 LI | CySA+ | Security+ | Pentest+ | CSA | CTIA | ECIH | AZ-104

An Information Security expert with 10+ years of experience as an instructor delivering training to government and non-government organizations around the globe.

Abhishek is well versed in key aspects of Information Security, including Security Operations Center, Web Application Security, Vulnerability Assessment, and some of the latest Information Security tools and technologies on the market today. He has delivered training to various corporate teams and managed Information Security for different sectors, including banking, telecom, e-commerce, retail, healthcare and IT, among others.


Course Content

Module 1 Introduction to Information Security

Overview of Information Security
Information Security vs. Cybersecurity
Elements of Information Security

Confidentiality
Integrity
Availability
Non-Repudiation

Security Controls

Managerial
Technical
Operational

Introduction to Cybersecurity Frameworks

NIST
MITRE ATT&CK
ISO


Module 2 Security Operations Center (SOC) Foundations

Introduction to Security Management
Introduction to the Security Operations Center (SOC)
Why Do We Need a SOC?
Role of a SOC Analyst in Modern Cybersecurity
SOC Tiers and Responsibilities

Tier 1
Tier 2
Tier 3

Key SOC Technologies and Terminologies
SOC Workflow

Module 3 Threat Landscape

Types of Cyber Threats

Malware
Ransomware
Phishing
Insider Threats

Overview of Advanced Persistent Threats (APTs)
Understanding Attacks and Their Patterns

CASE STUDY

MOVEit Data Breach
SolarWinds Supply Chain Attack


Module 4 Vulnerability Management

Understanding Vulnerability Assessment
Types of Vulnerability Assessment
Vulnerability Management Lifecycle

Asset Identification
Vulnerability Assessment
Risk Assessment
Remediation
Verification
Monitoring

Module 5 Log Management and Analysis

Understanding Log Sources

Firewalls
IDS/IPS
Web Servers
Endpoints

Hands-On with Centralized Logging Tool (Splunk)
Identifying Anomalies in Logs

LAB

Analyzing Apache Server Logs for Intrusion Attempts


Module 6 Threat Intelligence

What is Threat Intelligence?
Why Do We Need Intelligence?
Threats, Threat Actors, APTs, and Global Campaigns
Types of Threats

Network-Level
Web Application-Level
Host-Level

Indicators of Compromise (IoCs) vs. Indicators of Attack (IoAs) vs. Precursors
Traffic Light Protocol (TLP)
Understanding the Pyramid of Pain

PRACTICAL LABS

Collecting IoCs
Exploring Threat Intelligence Platforms (e.g., Maltego, MISP)
Checking IP/Domain Reputations
Analyzing Malicious Files



Module 7 Threat Hunting Essentials

Introduction to Threat Hunting
Threat Hunting vs. Threat Detection
Relationship Between Incident Response and Threat Hunting
Threat Hunting Models

Hypotheses and Methodologies
Diamond Model of Intrusion Analysis
MITRE ATT&CK Framework

PRACTICAL LABS

Network Traffic Analysis (Wireshark, NetworkMiner)
Endpoint Process Analysis
Memory Hunt - Volatility Framework
Monitoring and Detecting USB Drives in Windows
Process Injection Lab in Wazuh

Module 8 Security Information and Event Management (SIEM)

What is SIEM and Why Do We Need It?
SIEM Components

Security Information Management (SIM)
Security Event Management (SEM)


SIEM Capabilities

Aggregation
Correlation
Alerts
Reporting

HANDS-ON WITH SPLUNK

Installation
Rule Writing & Alert Creation
Event Analysis

Module 9 Malware Analysis

Malware Analysis Basics
Static vs. Dynamic Analysis

PRACTICAL LABS

PE Analysis
YARA Rules
Traffic Analysis (Using Wireshark)
Setting Up a Malware Lab
Anti-Sandboxing Techniques


Module 10 Digital Forensics and Incident Response (DFIR)

Phases of Incident Response

Preparation
Detection
Containment
Eradication
Recovery

Incident Playbook Overview
Ticketing System

DISSECTING PHISHING EMAILS (PRACTICAL)

Identifying Red Flags in Phishing Emails
URL Reputation Analysis
File Reputation Analysis
Authentication Mechanisms:

SPF
DKIM
DMARC

The 6 A’s of the Forensics Process

Acquisition
Authentication
Analysis
Attribution
Articulation
Audit

ANTI-FORENSICS TECHNIQUES (PRACTICAL)

Steganography Detection and Analysis

DATA RECOVERY (PRACTICAL)

Recovering Deleted Data
Live Acquisition (Magnet RAM Capture)

NETWORK FORENSICS (PRACTICAL)

Network Traffic Analysis
Real-Time vs. Post-Mortem Analysis

System Forensics

Disk Imaging with FTK Imager
Disk Analysis Using Autopsy

PRACTICAL LABS

PCAP Analysis (Wireshark)
File and Disk Artifact Investigation


*Bonus Section

Your Final Steps to Mastery

Incident Response Project

Attack Simulation
Detection & Remediation
Report Preparation

Interview Preparation



Testimonials

Karthik Rao Marthineni
It's a great platform to learn the SOC analyst course online. The trainer is very patient and great at explaining the concept. I really liked the course. Thank you!

Abdulaziz Abahussain
Overall, this training has equipped me with valuable skills and knowledge that I am excited to apply in my role. I couldn't have asked for a better team to guide me through this journey.

Abhiram KS
The trainer has great knowledge about the topic, and he knows what he is teaching us. Kudos to him. Thank you so much InfosecTrain.

Shubhranshu Mishra
It was a great experience, got opportunity to explore many new things and able to sort out doubts logically.

Dipendra Singh Mourya
I have learned the most about cyber security (SOC Analyst) from this organization. Our trainer, in particular, has given me the greatest advice and knowledge. Best Regards.

Contact us

www.infosectrain.com
sales@infosectrain.com

