- Course Title: Certified SOC Analyst (CSA)
- Institution: International Cybersecurity and Digital Forensics Academy (ICDFA)
- Program Director: Aminu Idris, AMCPN
- Duration: 6 Months (Standard Track)
- Prerequisites: Basic understanding of networking and operating systems.
This program is designed to equip aspiring cybersecurity professionals with the hands-on skills and knowledge required to work in a Security Operations Center (SOC). The curriculum is highly practical, focusing on real-world scenarios, industry-standard tools, and large-scale datasets.
Upon successful completion of this program, students will be able to:
- Analyze and respond to security incidents: Investigate, document, and report on security incidents using industry best practices.
- Utilize SOC tools and technologies: Demonstrate proficiency in using SIEM, EDR, NSM, and other SOC tools.
- Perform network and malware analysis: Analyze network traffic and malware samples to identify threats.
- Conduct threat hunting: Proactively hunt for threats in an enterprise environment.
- Apply cloud security principles: Monitor and secure cloud environments.
The final grade is weighted as follows:
- Module Assignments: 40%
- Labs: 30%
- Quizzes: 10%
- Capstone Project: 15%
- Final Exam: 5%
Technical requirements for the home lab:
- A computer with at least 16GB of RAM and 100GB of free disk space.
- VirtualBox or VMware Workstation Player.
- Internet access.
This is a 6-month program. The following is a week-by-week breakdown of the topics covered.
| Week | Module | Topic |
|---|---|---|
| 1 | 1: SOC Fundamentals & Home Lab Setup | Introduction to SOC Operations |
| 2 | 1: SOC Fundamentals & Home Lab Setup | Building Your SOC Home Lab |
| 3 | 1: SOC Fundamentals & Home Lab Setup | Essential Linux Command-Line Skills |
| 4 | 1: SOC Fundamentals & Home Lab Setup | Essential Windows PowerShell Skills |
| 5 | 2: Network Security & Traffic Analysis | Networking Fundamentals for SOC Analysts |
| 6 | 2: Network Security & Traffic Analysis | Network Security Monitoring Tools |
| 7 | 2: Network Security & Traffic Analysis | Firewall and Proxy Log Analysis |
| 8 | 2: Network Security & Traffic Analysis | Advanced Traffic Analysis & CIC-IDS2017 |
| 9 | 3: SIEM & Log Management | Introduction to SIEM |
| 10 | 3: SIEM & Log Management | Basic SIEM Alerting and Correlation |
| 11 | 3: SIEM & Log Management | Threat Intelligence Integration |
| 12 | 3: SIEM & Log Management | Advanced SIEM Usage |
| 13 | 4: Endpoint Security & Malware Analysis | Endpoint Security and EDR |
| 14 | 4: Endpoint Security & Malware Analysis | Digital Forensics and Incident Response |
| 15 | 4: Endpoint Security & Malware Analysis | Malware Analysis with FlareVM |
| 16 | 4: Endpoint Security & Malware Analysis | Phishing Email Analysis |
| 17 | 5: Cloud SOC Monitoring | Introduction to Cloud Security |
| 18 | 5: Cloud SOC Monitoring | Cloud SOC Monitoring with CSE-CIC-IDS2018 |
| 19 | 5: Cloud SOC Monitoring | AWS Security Services |
| 20 | 5: Cloud SOC Monitoring | Azure and GCP Security Services |
| 21 | 6: Threat Hunting & Cyber Threat Intelligence | Introduction to Threat Hunting |
| 22 | 6: Threat Hunting & Cyber Threat Intelligence | Advanced Threat Hunting |
| 23 | 7: AI/ML in SOC & Capstone | AI and Machine Learning in SOC |
| 24 | 7: AI/ML in SOC & Capstone | Capstone Project & Final Exam |