Upcoming dates

Course for groups

The course opens in a group-only format, customized for organizations.
For more details: Muzman@johnbryce.co.il

The college reserves the right to make changes to the terms relating to the course in order to adapt the studies to circumstances beyond its control, including by changing the place of study, changing the course opening date, switching the study format to online learning, and/or suspending the course and resuming it once the circumstances that required this have passed, and/or any other change required in light of circumstances beyond the college's control as stated. Should such circumstances occur, the college will choose and implement any change required according to its best professional judgment.

A course customized for organizations can be opened on a date coordinated with us

Course duration

Academic hours:

40

Number of sessions:

Morning course:

5

Course format

Courses ordered for organizations are fully and personally tailored to the organization's needs; the curricula are flexible, and relevant, dedicated content can be incorporated into them.

The state's test determined that John Bryce is the college that places the most graduates in high-tech jobs

Overview

The Security Operations Center (SOC) lies at the front line of malicious attacks against its network. Those responsible for the initial triage of an incident are the SOC analysts and incident responders. This course covers the necessary skills and practices to train such SOC personnel and successfully operate a modern-day SOC. The training starts from a broad understanding of the various SOC functions and a thorough workout on its technologies, up to a real-time hands-on practice in a virtual simulation environment. This training aims to develop a highly knowledgeable, practical, and skilled security team inside the organization to handle cybersecurity incidents regularly.

The course helps prepare for the certification exams CISM (ISACA) and GSEC (SANS).

Objectives

Provide students with an understanding of the SOC environment, roles, and functionalities

Gain practical capabilities of working inside a SOC as Tier-1 analysts and incident responders

Understand the work of forensic investigators in a SOC

Practice the acquired knowledge in real-time through the simulation environment

Become familiar with different attack scenarios

Who Should Attend

The course targets participants with foundation knowledge in computer networking, who wish to operate a SOC on the analyst and incident responder levels, or individuals who serve as corporate security analysts.

  • Incident responders
  • System/network administrators
  • IT security personnel

Curriculum

Module 1: Windows Domain

Windows Server

  • Installing Windows Server
  • Configuring Windows Server
  • Managing Features
  • Windows Events
  • Sysmon

Windows Domain

  • Installing AD DS
  • Configuring AD DS
  • Managing Domain Protocols
  • Working with Group Policy
  • Working with Wireshark

 

Module 2: SOC Environment

Firewalls

  • pfSense Installation
  • Configuring FW Rules
  • Configuring NAT Rules
  • Installing and Managing Packages
  • Real-Time Monitoring

IDS/IPS

  • Working with Snort
  • Snort Rules Structure
  • Setting and Configuring Rules
  • Passing Traffic using the NAT Feature
  • Analyzing Advanced Rules

 

Module 3: Using the SIEM

ELK

  • Monitoring Events
  • Different Search Methods
  • Custom Queries
  • Setting Alerts

Splunk

  • Monitoring with Splunk
  • SPL Basics
  • Splunk Alerts

Module 4: Threat Hunting

Log Analysis

  • Analyzing Logs
  • Advanced Filtering

MITRE ATT&CK

  • Hunting via Events
  • Creating Hunting Rules

Sysmon

  • Configuring XML Settings
  • Analyzing Sysmon Events

 

YARA

  • Rules Structure
  • Hunting with YARA

Incident Response

  • Network Analysis
  • IR Playbooks
  • Investigating Files

Simulator - Cyberium Arena

The courses at John Bryce Training allow you to gain experience with unique simulators and hands-on practice labs that include a variety of scenarios. Students are given the opportunity to put into practice what they have learned so that they retain the relevant skills and information from the course, upgrading their knowledge and expertise.

The simulator used in the hands-on practice labs is the Cyberium system, an advanced cyber scenario simulator developed by cyber experts who have been constantly involved in cyber training and in providing solutions for knowledge gaps in the cyber field. The simulator includes two main types of scenarios: educational and realistic.

Each educational scenario focuses on a different aspect of the course and simulates a specific part of the training topics. Each issue or topic taught in the course has a targeted exercise that allows the student to focus on it and learn it in depth.

The realistic scenarios simulate possible or past incidents related to Information Security. This includes everything from topics such as the Regulation of Cyber Systems to Attacks by Terrorist Hacker Organizations. These scenarios are broader than the educational exercises and require more of a systemic, strategic and comprehensive vision.

After each scenario, the system automatically generates detailed reports that serve as immediate feedback that allows the student and lecturer to measure the abilities, strengths, and weaknesses of the participant.
