
OSDA OffSec Defense Analyst - Foundational Security Operations & Defensive Analysis (SOC-200)

post-event
price $8,500
OffSec
Gervin Appiah
Advanced
5 Days
Penetration Testing, Defense
Sat 18 Nov - Wed 22 Nov

Summary

Learn the foundations of cybersecurity defense with Foundational Security Operations and Defensive Analysis (SOC-200), a course designed for job roles such as Security Operations Center (SOC) Analysts and Threat Hunters.

Learners gain hands-on experience with a SIEM, identifying and assessing a variety of live, end-to-end attacks against a number of different network architectures. Learners who complete the course and pass the exam earn the OffSec Defense Analyst (OSDA) certification, demonstrating their ability to detect and assess security incidents.

Detailed Description

Learn the foundations of cybersecurity defense with Offensive Security’s new Security Operations and Defensive Analysis (SOC-200) course on security operations.


OffSec set the industry standard with Penetration Testing with Kali Linux (PWK), teaching students how to perform practical attacks against networks and systems. Now with SOC-200, we reveal the consequences of common attacks from a defensive perspective.
Students who complete the course and pass the associated exam earn the Offensive Security Defense Analyst (OSDA) certification, demonstrating their ability to detect and assess security incidents. A certified OSDA candidate is prepared to join and participate in a Security Operations Center (SOC) as a Junior Analyst.

Benefits

  • Learn how attackers operate with the MITRE ATT&CK® framework
  • Audit Windows and Linux endpoints
  • Review common attacks
  • Use a SIEM to track adversaries

Agenda / Topics to be Covered

This course covers the following topics. View the full syllabus: https://www.offsec.com/documentation/SOC-200-Syllabus.pdf

  • Attacker Methodology Introduction
  • Windows Endpoint Introduction
  • Windows Server Side Attacks
  • Windows Client-Side Attacks
  • Windows Privilege Escalation
  • Windows Persistence
  • Linux Endpoint Introduction
  • Linux Server Side Attacks
  • Network Detections
  • Antivirus Alerts and Evasion
  • Network Evasion and Tunneling
  • Active Directory Enumeration
  • Windows Lateral Movement
  • Active Directory Persistence
  • SIEM Part One: Intro to ELK
  • SIEM Part Two: Combining the Logs
  • Exam

Target audience / Who should take this course

  • Job roles such as Security Operations Center (SOC) Tier 1, Tier 2, and Tier 3 Analysts; junior roles in Threat Hunting and Threat Intelligence; junior roles in Digital Forensics and Incident Response (DFIR)
  • Anyone interested in detection and security operations, and/or committed to the defense or security of enterprise networks

Student requirements [knowledge pre-requisites]:

  • All prerequisites for SOC-200 can be found within the OffSec Fundamentals Program, included with a Learn Subscription
  • Prerequisite topics include:
      • SOC-100: Linux Basics 1 & 2
      • SOC-100: Windows Basics 1 & 2
      • SOC-100: Networking Basics

What students should bring with them to the class: 

  • Laptop

What students will be provided with onsite:  

  • Wi-Fi Internet

About the Exam 

  • OSDA exam scheduling is open now
  • The SOC-200 course prepares you for the OSDA certification
  • Proctored