Duration: 25–30 Hours
Format: Self-paced eLearning | Practical Demonstrations | Case Studies | Assignments | Assessments
Level: Beginner to Intermediate
Target Audience: Cybersecurity Aspirants, IT Students, Fresh Graduates, Network Engineers, System Administrators, Professionals interested in SOC Analyst roles
Course Overview
This course provides a comprehensive introduction to Security Operations Centre (SOC) operations and cybersecurity monitoring. Learners will understand how organisations detect, analyse, and respond to cyber threats in real time. The program covers cybersecurity fundamentals, networking basics, security monitoring, SIEM tools, threat intelligence, incident response, and vulnerability management. Through practical examples and case studies, learners will develop the foundational skills required to begin a career as a SOC Analyst.
Course Modules
Module 1: Cybersecurity Fundamentals & Introduction to SOC
Topics Covered:
• Introduction to Cybersecurity
• Cyber Threat Landscape (Malware, Phishing, Ransomware)
• CIA Triad (Confidentiality, Integrity, Availability)
• Risk, Threat, and Vulnerability
• Introduction to Security Operations Centre (SOC)
• SOC Team Structure and Roles
• SOC Analyst Levels (L1, L2, L3)
Learning Outcome:
Learners will understand the core principles of cybersecurity and the role of SOC teams in protecting organisations.
Module 2: Networking & Operating System Basics for SOC
Duration: 6 Hours
Topics Covered:
• Basics of Computer Networking
• OSI Model and TCP/IP Model
• IP Addressing and Network Protocols
• Common Ports and Protocols
• Firewalls and Network Security
• Windows Operating System Security
• Linux Fundamentals for SOC Analysts
• System Logs and Log Files
Learning Outcome:
Students will gain essential networking and operating system knowledge required for security monitoring and investigation.
Module 3: Security Monitoring, Logs & SIEM
Duration: 7 Hours
Topics Covered:
• Security Monitoring Concepts
• Log Management and Log Sources
• Event Correlation
• Introduction to SIEM
• SIEM Architecture
• Alert Generation and Threat Detection
• Overview of SIEM Tools:
    • Splunk
    • IBM QRadar
    • Microsoft Sentinel
Learning Outcome:
Students will learn how SOC teams monitor systems, analyse logs, and detect suspicious activities using SIEM platforms.
Module 4: Threat Intelligence & Incident Response
Duration: 6 Hours
Topics Covered:
• Introduction to Threat Intelligence
• Indicators of Compromise (IOC)
• Threat Intelligence Sources
• Alert Triage and Investigation
• Incident Response Lifecycle
• Phishing Investigation
• Malware Detection Basics
Learning Outcome:
Students will understand how SOC analysts identify threats and respond to security incidents.
Module 5: Security Tools & Vulnerability Management
Duration: 5 Hours
Topics Covered:
• Intrusion Detection Systems (IDS)
• Intrusion Prevention Systems (IPS)
• Endpoint Detection & Response (EDR)
• Packet Analysis Tools
• Vulnerability Scanning
• Patch Management
• Security Reporting and Documentation
Tools Covered:
• Wireshark
• Nessus
• OpenVAS
• VirusTotal
Learning Outcome:
Learners will gain knowledge of key cybersecurity tools used in SOC environments for threat detection and vulnerability assessment.
Assignment (10 Questions)
1. Define Cybersecurity and explain its importance in modern organisations.
2. Explain the CIA Triad with real-world examples.
3. What is a Security Operations Centre (SOC) and what are its main responsibilities?
4. Explain the role and responsibilities of a SOC Analyst Level 1.
5. What are network protocols? Explain any three commonly used protocols.
6. What are security logs, and why are they important for cybersecurity monitoring?
7. Define SIEM and explain how it helps in identifying cyber threats.
8. What are Indicators of Compromise (IOC)? Provide examples.
9. Explain the Incident Response Lifecycle in cybersecurity.
10. What is vulnerability management and why is it important for organisations?