New Horizons
Project Management Academy
Six Sigma Online
TCM Security
TRACOM
Velopi
Watermark Learning
Login
NEW: LIVE TRAINING CLASSES NOW INCLUDE AN EXAM ATTEMPT READ MORE
SOC Level 1 Live Training: Course Overview
Take your SOC analyst skills to the next level in this live training presented by Andrew Prince. You’ll hit the ground running with four full days (9am – 5pm ET) of back-to-back live training, labs, and challenges that cover the foundational skills needed for success in defensive security operations.
This training dives deep into monitoring, detection, analysis, and response across critical areas including phishing, network security, endpoint protection, SIEM management, threat intelligence, and DFIR operations.
By the end of this training, you’ll have an in-depth grasp of SOC operations and investigative skills. All lessons draw from real-world SOC experience and scenarios encountered by security professionals in active environments.
The SOC Level 1 live training includes an exam voucher for the Practical SOC Analyst Associate (PSAA) certification. Each exam voucher includes 1 exam attempt and is valid for 12 months from the class completion date.
This class is limited to 50 students, so sign up today to reserve your spot.
Course Objectives
By the end of the training, participants will have a thorough understanding of:
- Security Operations Fundamentals
- Phishing Analysis
- Network Security Monitoring
- Network Traffic Analysis
- Endpoint Security Monitoring
- Endpoint Detection and Response
- Log Analysis and Management
- Security Information and Event Management (SIEM)
- Threat Intelligence
- Digital Forensics
- Incident Response
System Requirements
- 8GB RAM & 256GB HDD
- Up-to-Date OS & Internet Browser
- Stable Internet connection
Prerequisites
- Completion of the Practical Help Desk course, A+/Net+ equivalent, or familiarity with the topics such as:
- Basic familiarity with Windows and Linux operating system components.
- Experience working with the command-line and knowledge of basic commands and navigation (e.g., cd, ls, cat).
- Knowledge of network concepts such as subnets, internal vs. external IP addresses, network address translation, and routing.
- Understanding of foundational security concepts such as the CIA triad, security controls, encryption, and hashing.
Live, Instructor-Led
SOC Level 1 Certification Training
Details
32+ Hours of Live Online Instruction and CEU Credits
30+ Hours of On-Demand Training (6 Months Access)
1 PSAA Exam Attempt (12 Months Access)
Online Labs w/ 50 Hours Access Post Training
Private Cohort and Instructor Access
24/7/365 Course Support (Lifetime)
Who Should Take SOC Level 1 Live Training?
- Aspiring SOC Analysts and Incident Responders.
- Individuals with a strong interest in blue teaming and a desire to understand how security operations work in real-world environments.
- IT professionals with some experience in networking or systems administration who want to expand their skills into the SOC and cybersecurity field.
- Students looking to prepare for the Practical SOC Analyst Associate (PSAA) exam.
Why Choose TCM Security Instructor-Led Training?
No Fluff, Practical Focus
You’ll walk away with hands-on knowledge and practical skills that can be immediately applied in real-world scenarios.
Lab Access
After the training ends, you have 50 hours of access to online virtual labs to practice what you learned.
Interactive, Small Group Setting
We limit our class sizes to 50 students to encourage interaction with the instructor and classmates. You’ll have access to a private Discord channel for class communication and networking.
Post-Training Resources
You’ll have 6 months of access to on-demand training materials after the training ends.
Professional Development
TCM Security live trainings are eligible for Continuing Education Unit (CEU) credits.
Prepare for Certification Exams
Intensive live training classes will prepare you for TCM Security Certifications and include a certification voucher related to the training.
Training Options for Organizations
The cybersecurity field is always evolving and learning never stops. TCM’s Live Training options will equip your employees with practical, hands-on skills that they can immediately put to use on the job. We offer bulk discounts for organizations looking to purchase multiple seats in our live training classes. We can also conduct private group session training. Please reach out to us using the form if you are interested in learning more about those options!
“What I learned in just one day of Hacking (and Defending) Active Directory training has given me the edge on how to help my customers better secure their environments.”
Curriculum and Agenda
Prerequisites
- Completion of the Practical Help Desk course, A+/Net+ equivalent, or familiarity with the topics such as:
- Basic familiarity with Windows and Linux operating system components.
- Experience working with the command-line and knowledge of basic commands and navigation (e.g., cd, ls, cat).
- Knowledge of network concepts such as subnets, internal vs. external IP addresses, network address translation, and routing.
- Understanding of foundational security concepts such as the CIA triad, security controls, encryption, and hashing.
Day One
- Class Introduction
- Lab Access, Setup, and Configuration
- Understanding the SOC
- Understanding Phishing Attacks and Techniques
- Email Analysis
- URL Analysis
- Attachment Analysis
- MalDoc Analysis
- Phishing Defenses
- Ticket Challenge – Walkthrough and Break
- Understanding Packets and Flows
- Network Traffic Analysis with TCPDump
- Network Traffic Analysis with Wireshark
- Ticket Challenge
Day Two
- Understanding Endpoint Security
- Windows – Hunting Malicious Network Connections
- Windows – Hunting Malicious Processes
- Live IR with SysInternals and Autoruns
- Windows – Understanding Core Processes
- Windows – Hunting Persistence
- Ticket Challenge – Walkthrough and Break
- Linux – Hunting Malicious Network Connections
- Linux – Hunting Malicious Processes
- Linux – Understanding Core Processes
- Linux – Hunting Persistence
- Ticket Challenge – Walkthrough and Break
- Understanding the SIEM
- Common Attack Signatures
- Command Line Log Analysis
- Ticket Challenge
Day Three
- Splunk Introduction
- Search Processing Language
- Search Commands
- Reporting, Alerting, and Dashboards
- Investigating Intrusions with Splunk
- Deploying Forwarders
- Ticket Challenge – Walkthrough and Break
- Understanding Threat Intelligence
- Threat Intelligence Frameworks
- MITRE ATT&CK
- Ticket Challenge – Walkthrough and Break
- Detecting Malware with YARA
- Reading and Writing YARA Rules
- Ticket Challenge
Day Four
- Understanding Digital Forensics Investigations
- Disk Image Acquisition with FTK Imager
- Memory Acquisition with FTK Imager
- Ticket Challenge – Walkthrough and Break
- Windows Forensic Artifacts
- Forensic Image Analysis with Autopsy
- Memory Analysis with Volatility
- Ticket Challenge – Walkthrough and Break
- The Incident Response Process
- Training Wrap-Up
*Curriculum is dependent on class skillset and other varying factors. Curriculum may change at the instructor’s discretion.
Request Live Training Reimbursement
Training doesn’t stop once you land a pentesting position. If your company offers a training budget or reimbursement for continuing education, consider using it on TCM Security live training and certifications! To make things easier, we’ve created a Training Budget Request Template—a customizable document designed to align your learning goals with your company’s objectives. Be sure to follow your company’s policies and procedures to increase the likelihood of your request being approved.
Frequently Asked Questions
Do I need to prepare anything before the training begins?
What skill level should I have to take the training?
How long will each training session be?
What certification is included?
This training prepares you for the Practical SOC Analyst Associate (PSAA) certification exam. Your purchase includes 12 months of access to the training materials and the exam attempt. Please note that certification vouchers purchased in a live training bundle do NOT include a free retake.
Do you offer any discounts?
Live trainings are not eligible for the student, educator, military, or first responder discount because they are already discounted to include the certification voucher. We periodically offer sales and promotions. Join our email list or follow us on social media to be informed when sales begin.
Does the class come with a PSAA voucher?
Yes! The class includes 1 PSAA exam attempt.
