★ MOST POPULAR ★
1,800
Standard Entry-Bundle - SOC-Analyst
Valid for 9 months
Standard Entry-Bundle
SOC-Analyst Option
Monitor and defend network systems
Series
XE Basics
Program Code
XE101
Duration
Self-Pace*
*Typical completion, beginning to end: 6-9 months, when studying regularly
What You Will Learn
Level-1
Description
Intro-to-Cyber is a foundational course that introduces learners to the fundamental concepts of cybersecurity. The syllabus is designed to provide a comprehensive understanding of the diverse aspects of the digital networking and security landscape.
Module 1: Intro to Networks
This module delves into the basics of digital communication. Learners will understand digital sizes and binary, the language of computers. The module also demystifies IP addresses, differentiating between private, public, and general addresses. Furthermore, it explores network services, common protocols, DNS, and DHCP, setting a firm foundation for understanding how digital networks operate.
- Digital Sizes
- Binary
- IP Addresses
- Private Addresses
- Public Addresses
- General Addresses
- Network Services
- Services
- Common Protocols
- DNS
- DHCP
Module 2: Network Security
This module offers a hands-on approach to understanding cybersecurity. Using tools such as Shodan and Google Dorks, learners will learn how to search the internet for sensitive information, demonstrating the vulnerability of digital data. The module also explores hashes, their uses, and different hash functions. Additionally, learners will familiarize themselves with encoding techniques like Hex and Base64, which play a significant role in data security.
- Shodan
- Searching with Shodan
- Google Dorks
- How Google Works
- Basic Queries
- Finding Sensitive Information
- Hash
- The Use of Hash
- Different Hash Functions
- Encoding
- Hex
- Base64
Module 3: Network Data
This module gives an in-depth understanding of network data analysis. Through hands-on practice with Command Prompt and Wireshark, students will learn how to examine and interpret network traffic. The module also introduces the OSI and TCP/IP models, integral frameworks in understanding network communication. Lastly, learners will master the use of Wireshark filters and statistics for effective data analysis.
- Command Prompt
- OSI and TCP/IP Model
- Network Traffic
- Wireshark Basics
- Wireshark Filters
- Wireshark Statistics
Description
This training is geared towards introducing the Linux environment. The Linux Basics program aims to assist users with no prior experience, enabling them to get familiar with Linux and the rudiments of automation scripting.
Module 1: Command-Line
This module presents a comprehensive guide to understanding Linux, covering topics from its historical development, various distributions, basic commands, and terminal use to more complex topics such as file permissions, text manipulation, and handling archives. It aims to provide foundational knowledge for effectively working within the Linux environment.
- Introduction
- History of Linux
- Linux Distributions
- The Terminal
- Basic Commands
- Permissions
- Text Manipulation
- Working with Archives
Module 2: Bash Scripting
This module introduces the fundamental aspects of Bash scripting, starting from basic programming principles, crafting Bash scripts, obtaining user input, and performing mathematical operations, to utilizing logic statements and manipulating environment variables. It's designed to equip learners with the necessary skills to automate tasks in a Unix-like operating system.
- Bash Scripting
- Introduction to Programming
- Writing Bash Scripts
- Getting User Input
- Performing Math
- Logic Statements
- Environment Variables
Module 3: Networking
This outline provides a hands-on guide to network troubleshooting and configuring, starting from basic network problem diagnosis to package management in Linux systems. It includes practical examples of installing Debian packages and using the Advanced Packaging Tool (APT) for software management.
- Network Troubleshooting
- Network Configuring
- Basic Network Troubleshooting
- Package Management
- Installing Deb Packages
- Using the APT
Description
Python, a user-friendly language widely employed for tool creation in various domains including cybersecurity, is the focus of this program. It offers learners a foundational grasp of programming logic and equips them with the skills to write basic scripts, thereby elevating their programming proficiency to a higher level.
Module 1: Introduction to Python
This module presents an introduction to Python programming, starting from its installation, understanding variables and Booleans, to exploring more complex data types like dictionaries and tuples. It further delves into the concept of loops, essential for creating repetitive tasks and workflows in Python.
- Introduction
- Installing Python
- Variables and Booleans
- Dictionaries and Tuples
- Loops
Module 2: Conditions and Functions
This module delves deeper into Python programming with a focus on conditionals and loop constructs, including 'while' and 'for' loops. It then expands on scoping, subroutines, various aspects of function usage, including handling external functions and exceptions, important for robust and efficient programming.
- Conditions
- Conditional Statements
- While and For Loops
- Scoping and Subroutines
- Functions
- Working with Functions
- External Functions
- Exceptions
Module 3: Files I/O
This module guides learners through the utilization of Python modules with a focus on file handling—reading and extracting data from files and writing into them. It additionally delves into the usage of the OS module, which allows Python scripts to interact with the operating system.
- Python Modules
- Reading Files
- Extracting Data
- Writing into Files
- The OS Module
Level-2
Description
The Network Research program is designed to introduce learners to the fundamental aspects of information security, employing Linux as a primary tool and providing exposure to various security threats.
Module 1: Intro to Linux
This module provides an in-depth look into virtualization, focusing on Linux. It begins with an overview of virtualization and Linux distros, then guides learners through installing Linux and using VMware. It addresses network configurations and Linux administration topics such as directory structures, user management, packages, and file manipulation commands, and concludes with scripting and automation in Linux.
- Virtualization
- Introduction to Virtualization
- About Linux Distro
- Installing Linux
- Working with VMware
- Bridged vs. NAT
- Working with Linux
- Linux Directories
- Linux Users
- Packages
- File Manipulation Commands
- Text and File Manipulation Techniques
- Linux Scripts and Automation
Module 2: Networking
This module offers a deep dive into key networking protocols and services. It starts by exploring the TCP/IP model, followed by detailed examinations of DNS, DHCP, and ARP protocols, then transitions into network services, providing insights into the workings of SSH, FTP, and the Apache web server. This comprehensive study of networking equips learners with crucial knowledge for managing and securing digital networks.
- Protocols
- TCP/IP Model
- DNS
- DHCP
- ARP
- Network Services
- SSH
- FTP
- Apache
Module 3: Network Security
This module dives into network scanning and attack techniques. It starts with Nmap and Masscan, powerful tools for network scanning, then covers brute force and offline attack strategies. This course offers invaluable skills for network security testing.
- Scanning
- Nmap
- Masscan
- Brute Force
- Offline Attacks
- Creating Wordlists
- Wireshark
- Filtering and Parsing
- Extracting Objects
Module 4: Cyber Security
This module delves into various network attacks and defense techniques. It covers Man-in-the-Middle (MiTM) and ARP Poisoning strategies, service brute-forcing, and analysis of cyberattacks. Learners are introduced to reverse and bind payloads, and hands-on training with Msfvenom and Msfconsole. Finally, it explores firewall operation, including port blocking and device monitoring, imparting critical skills for network security.
- Network Attacks
- MiTM
- ARP Poisoning
- Service Brute-Force
- Analyzing Attacks
- Cyber Attack
- Reverse and Bind Payloads
- Working with Msfvenom
- Working with Msfconsole
- Firewall
- About Firewall Operation
- Blocking Ports
- Monitoring Devices
Level-3
Description
This SOC Operation module is designed for SOC organizations to implement a SOC solution and provide full guidance on the necessary skills and procedures to operate it. The program provides participants with all aspects of a SOC team to keep the enterprise's adversary.
Module 1: Windows Domain
This focused module centers on Sysmon, a powerful Windows system monitoring tool. It teaches learners how to use Sysmon for comprehensive event logging, contributing to a deeper understanding of Windows domain operations.
- Windows Server
- Installing Windows Server
- Configuring Windows Server
- Managing Features
- Windows Events
- Sysmon
- Windows Domain
- Installing AD DS
- Configuring AD DS
- Managing Domain Protocols
- Working with Group Policy
- Working with Wireshark
Module 2: SOC Environment
This module covers firewall configuration and management using pfSense, including the creation of firewall and NAT rules. It involves real-time system monitoring and explores Intrusion Detection and Prevention Systems (IDS/IPS). Participants gain hands-on experience with Snort, understanding rule structures, configuration, and advanced traffic analysis using the NAT feature.
- Firewalls
- pfSense Installation
- Configuring FW Rules
- Configuring NAT Rules
- Installing and Managing Packages
- Real-Time Monitoring
- IDS/IPS
- Working with Snort
- Snort Rules Structure
- Setting and Configuring Rules
- Passing Traffic using the NAT Feature
- Analyzing Advanced Rules
Module 3: Using the SIEM
This module guides participants through the essential components of Security Information and Event Management (SIEM). It begins with the ELK stack, covering event monitoring, search methods, custom queries, and alert settings. The latter part delves into Splunk, teaching how to monitor events and the fundamentals of Search Processing Language (SPL).
- ELK
- Monitoring Events
- Different Search Methods
- Custom Queries
- Setting Alerts
- Splunk
- Monitoring with Splunk
- Splunk Alerts
Module 4: Threat Hunting
This module immerses participants into advanced aspects of cybersecurity. It begins with comprehensive log analysis, incorporating advanced filtering and threat hunting via events and MITRE ATT&CK. Participants work with Sysmon and its configuration, followed by exploring YARA for rule creation and threat hunting.
- Log Analysis
- Analyzing Logs
- Advanced Filtering
- MITRE ATT&CK
- Hunting via Events
- Creating Hunting Rules
- Sysmon
- Configuring XML Settings
- Analyzing Sysmon Events
- YARA
- Rules Structure
- Hunting with YARA
- Incident Response
- IR Playbooks
- Investigating Files
What Our Clients Say
“Over 1000 of our students have been trained using ThinkCyber's Products and Services. The hands-on experience they gain from using the Cyberium Arena Simulator and Specto is invaluable and has been instrumental in their career progression”
— John Bryce Training Center, Israel
“The training was crucial, providing my team with a wealth of knowledge through hands-on experiences. This is why, throughout June 2023, we will be welcoming SOC analysts from across the nation to participate in the CACC (CERT-IL Advanced Cyber Training). This training, facilitated by ThinkCyber and utilizing the Cyberium simulator, will provide invaluable experience and knowledge upgrades.”
— Homeland Security
“Our students are getting excellent positions such as SOC Analysts, Network Security Engineers, Forensics and Penetration Testers thanks to the applicable and relevant hands-on cybersecurity skills they've acquired through ThinkCyber's solutions.”
— James Lim, CEO of Centre for Cybersecurity Institute, Singapore
“Exceptional course! I've attended numerous programs, but this outshines them all in every conceivable way: the comprehensive content, the expert guidance, the practical exercises, and the seamless organization of the entire course.”
— Defense Forces
Program Recognition & Impact
This foundational program has been a cornerstone of cybersecurity training worldwide:
- Trusted by military and law enforcement agencies for entry-level cyber training
- Adopted by homeland security organizations for foundational cyber education
- Used extensively in universities and corporations across multiple countries
- Proven track record with over [X] professionals trained globally
Real-World Training Environment
From day one, you'll work in our Cyberium Arena simulator:
- Hands-on practice with real networking tools
- Safe environment to explore cybersecurity concepts
- Industry-standard command line interfaces
- Actual network monitoring and analysis tools
* Advanced threat scenarios with Specto-AI become available from Level-2 onwards