Course Overview

This course aims to equip students with all of the fundamental security operations knowledge and practical skills needed in order to achieve and excel in a T1 or T2 SOC Analyst position. By covering topics such as phishing analysis, incident response procedures, threat detection techniques, log analysis, SIEM management, and security tool utilization, students will gain the essential competencies required to effectively monitor, analyze, and respond to security incidents within a SOC environment.

Students will be able to actively engage with the course material through bite-sized video demonstrations, written materials and references, quizzes to assess comprehension, and practical exercises that simulate real-world scenarios.

By the end of the course, participants will be proficient in using various common security tools, analyzing security events and artifacts, handling alert tickets, triaging, and responding effectively to incidents within a SOC. Additionally, the course aims to foster critical thinking skills and encourage both proactive and reactive methodologies, which are pivotal for skilled analysts.


Key Topics Covered:

  • Security Operations Fundamentals
  • Phishing Analysis
  • Network Security Monitoring
  • Network Traffic Analysis
  • Endpoint Security Monitoring
  • Endpoint Detection and Response
  • Log Analysis and Management
  • Security Information and Event Management (SIEM)
  • Threat Intelligence
  • Digital Forensics
  • Incident Response

System Requirements

To get the most out of this course and follow along with the labs, there will be times where two virtual machines (VMs) need to be run simultaneously. If resources are limited, you can run one VM at a time and follow along with the course. Below are the recommended (ideal) specifications. Feel free to adjust based on your own system's limitations, but these specs will ensure a smoother experience with the course labs.

Processor: 64-bit Intel i5 or i7, 2.0 GHz or higher.

RAM: At least 8 GB (ideally 8-12+ GB) to efficiently run multiple VMs.

Disk Space: 80-100 GB of free storage. SSDs are recommended for better performance.

Prerequisites

Networking Fundamentals:

  • Basic understanding of TCP/IP and OSI models.
  • Knowledge of network concepts such as subnets, internal vs. external IP addresses, network address translation, and routing.
  • Familiarity with common protocols (e.g., SSH, FTP, HTTP, HTTPS).

The foundations and network sections of the course will provide a refresher on these concepts and more, but it would be ideal to have these foundations coming into the course.

Operating System Fundamentals:

  • Basic familiarity with Windows and Linux components.
  • Working with the command-line and knowledge of basic commands and navigation (e.g., cd, ls, cat).
  • Troubleshooting skills

Basic Information Security Concepts:

  • Understanding of foundational security concepts such as the CIA triad, security controls, encryption, and hashing.
  • Basic security appliances and controls (e.g., firewalls, proxies, VPNs, EDR)

The foundations section of the course will provide a comprehensive information security refresher.

SOC 101 Course Objectives

  • Understand the foundational principles and practices of security operations.
  • Learn techniques for analyzing and identifying phishing attacks.
  • Develop skills in monitoring network traffic for security threats and anomalies.
  • Develop skills in monitoring and analyzing security events on individual hosts.
  • Learn how to effectively use a SIEM for security event correlation, analysis, and incident management.
  • Learn how to leverage threat intelligence to enhance security operations and incident response.
  • Develop an understanding of digital forensics processes, common tools, and methodologies.
  • Understand the procedures, and best practices for incident response in a SOC environment.
blue laptop illustration with lock on the screen

Who Should Take SOC 101?

This course will be aimed at individuals who are looking to pursue a career in cybersecurity (beginners with basic or little cybersecurity knowledge or experience), specifically focusing on defensive security operations within a Security Operations Center (SOC) environment.

This course aims to be extremely marketable, offering an all-encompassing curriculum and digestible content to help students secure and thrive in their first security role or advance to a T2 analyst position. The practical exercises included within the course provide students with tangible skills and experience to discuss during interviews, even if they have no direct experience in a professional SOC role.

Security Operations (SOC) 101 Curriculum - 30+ Hours

  Introduction
Available in days
days after you enroll
  Lab Setup
Available in days
days after you enroll
  Security Operations Fundamentals
Available in days
days after you enroll
  Phishing Analysis
Available in days
days after you enroll
  Network Security
Available in days
days after you enroll
  Endpoint Security
Available in days
days after you enroll
  Security Information and Event Management (SIEM)
Available in days
days after you enroll
  Threat Intelligence
Available in days
days after you enroll
  Digital Forensics
Available in days
days after you enroll
  Incident Response
Available in days
days after you enroll
  Conclusion
Available in days
days after you enroll

About the Instructor: Andrew Prince

Andrew is a seasoned and passionate security professional who brings a wealth of experience in areas such as security operations, incident response, threat hunting, vulnerability management, and cloud infrastructure security. 


With a professional background in development and system administration, Andrew offers a well-rounded perspective on his security strategy. Andrew also navigates both offensive and defensive operations to provide a holistic approach to keeping people, processes, and technology secure. He is also active in developing various Capture the Flag challenges, creating security training, and sharing knowledge through content creation.


Social Media Links:

https://malwarecube.com/

https://www.linkedin.com/in/andrewjoeprince/


Andrew Prince headshot
all-access membership wolf logo

This course is included in our All-Access Membership starting at $29.99/month

Get full access to the Security Operations (SOC) 101 course and our full course catalog when you enroll in our All-Access Pass Membership.

Frequently Asked Questions


Can I get a refund if I'm unhappy with my purchase?

Yes. All courses come with a 24-hour money-back guarantee.

Will I receive a certificate of completion when I finish a course?

Yes. All courses come with a certificate of completion.

Do the courses count as Continuing Education Units (CEUs)?

Yes. Every certificate of completion comes with the total CEUs earned listed on the certificate.

What is the All-Access Pass?

As of July 1st, 2023 TCM Academy transitioned to a monthly subscription model, where you now receive full access to all of the courses on our platform for as long as your subscription remains active.

What if you already own courses on TCM Academy?

If you already own a course on our platform, you will continue to own that course forever. Previously owned courses will not be affected by this change.


I can see the course, but it won’t load or play. What should I do?

We use Cloudflare to protect our course platform and unfortunately, it does not play nice with VPNs. If you are experiencing issues, turn off your VPN and try again. If that does not solve the issue, please contact our support team at [email protected] and we will help you out.