SOC Level 1

Take your SOC analyst skills to the next level with four full days of intensive live training, labs, and challenges designed to build the foundational skills essential for success in defensive security operations. This course provides deep, practical coverage of monitoring, detection, analysis, and incident response across key areas including phishing, network security, endpoint protection, SIEM management, threat intelligence, and DFIR (Digital Forensics and Incident Response). By the end of the training, you’ll have a comprehensive understanding of Security Operations Center functions and investigative techniques, developed through real-world scenarios that reflect the demands placed on today’s SOC professionals. This course includes an exam voucher for TCM Security’s Practical SOC Analyst Associate (PSAA) certification. Each exam voucher includes 1 exam attempt and is valid for 12 months from the course completion date.

Course Details

Price: $1,999.00

Days: 4

Location:

Course Overview

  • Security Operations Fundamentals
  • Phishing Analysis
  • Network Security Monitoring
  • Network Traffic Analysis
  • Endpoint Security Monitoring
  • Endpoint Detection and Response
  • Log Analysis and Management
  • Security Information and Event Management (SIEM)
  • Threat Intelligence
  • Digital Forensics
  • Incident Response

System Requirements

  • 8GB RAM & 256GB HDD
  • Up-to-Date OS & Internet Browser
  • Stable Internet connection
  • Completion of the Practical Help Desk course, A+/Net+ equivalent, or familiarity with topics such as:
      • Basic familiarity with Windows and Linux operating system components.
      • Experience working with the command line and knowledge of basic commands and navigation (e.g., cd, ls, cat).
      • Knowledge of network concepts such as subnets, internal vs. external IP addresses, network address translation, and routing.
      • Understanding of foundational security concepts such as the CIA triad, security controls, encryption, and hashing.

Day 1

  • Class Introduction
  • Lab Access, Setup, and Configuration
  • Understanding the SOC
  • Understanding Phishing Attacks and Techniques
  • Email Analysis
  • URL Analysis
  • Attachment Analysis
  • MalDoc Analysis
  • Phishing Defenses
  • Ticket Challenge – Walkthrough and Break
  • Understanding Packets and Flows
  • Network Traffic Analysis with TCPDump
  • Network Traffic Analysis with Wireshark
  • Ticket Challenge

Day 2

  • Understanding Endpoint Security
  • Windows – Hunting Malicious Network Connections
  • Windows – Hunting Malicious Processes
  • Live IR with SysInternals and Autoruns
  • Windows – Understanding Core Processes
  • Windows – Hunting Persistence
  • Ticket Challenge – Walkthrough and Break
  • Linux – Hunting Malicious Network Connections
  • Linux – Hunting Malicious Processes
  • Linux – Understanding Core Processes
  • Linux – Hunting Persistence
  • Ticket Challenge – Walkthrough and Break
  • Understanding the SIEM
  • Common Attack Signatures
  • Command Line Log Analysis
  • Ticket Challenge

Day 3

  • Splunk Introduction
  • Search Processing Language
  • Search Commands
  • Reporting, Alerting, and Dashboards
  • Investigating Intrusions with Splunk
  • Deploying Forwarders
  • Ticket Challenge – Walkthrough and Break
  • Understanding Threat Intelligence
  • Threat Intelligence Frameworks
  • MITRE ATT&CK
  • Ticket Challenge – Walkthrough and Break
  • Detecting Malware with YARA
  • Reading and Writing YARA Rules
  • Ticket Challenge

Day 4

  • Understanding Digital Forensics Investigations
  • Disk Image Acquisition with FTK Imager
  • Memory Acquisition with FTK Imager
  • Ticket Challenge – Walkthrough and Break
  • Windows Forensic Artifacts
  • Forensic Image Analysis with Autopsy
  • Memory Analysis with Volatility
  • Ticket Challenge – Walkthrough and Break
  • The Incident Response Process
  • Training Wrap-Up

Class Dates & Times

  • 08/17/2026 - 08/20/2026, Virtual, 09:00:00 to 17:00:00 EST, $1,999.00
  • 11/02/2026 - 11/05/2026, Virtual, 08:00:00 to 16:00:00 EST, $1,999.00

Empower Change

Invest in Skills & Equality

Support Diversity, Equity, and Inclusion with Every Purchase.

Great Horizons is a North Carolina Certified HUB Vendor and WOSB. By becoming a patron of our organization, you are not only supporting a historically underutilized business, but a woman-owned small business as well.