Blue Team Fundamentals: Security Operations and Analysis Training Course
The Blue Team is tasked with safeguarding an organization's network, systems, and data from cyber threats. Their primary focus is on monitoring, detecting, and responding to security incidents using various tools and strategies to enhance cybersecurity defenses.
This course emphasizes the defensive aspects of cybersecurity, covering areas such as security operations, threat detection, incident response, and log analysis. Participants will gain practical experience with essential tools and techniques used to protect against cyber threats.
The training is led by an instructor and can be conducted either online or on-site. It is designed for intermediate-level IT security professionals who aim to enhance their skills in security monitoring, analysis, and response.
By the end of this training, participants will be able to:
- Comprehend the role of a Blue Team in cybersecurity operations.
- Utilize SIEM tools for security monitoring and log analysis.
- Identify, analyze, and respond to security incidents effectively.
- Conduct network traffic analysis and gather threat intelligence.
- Implement best practices in security operations center (SOC) workflows.
Format of the Course
- Interactive lectures and discussions.
- A significant amount of exercises and practice.
- Hands-on implementation in a live-lab environment.
Course Customization Options
- To request a customized training for this course, please contact us to arrange.
Course Outline
Introduction to Blue Team Operations
- Overview of Blue Team and its role in cybersecurity
- Understanding attack surfaces and threat landscapes
- Introduction to security frameworks (MITRE ATT&CK, NIST, CIS)
Security Information and Event Management (SIEM)
- Introduction to SIEM and log management
- Setting up and configuring SIEM tools
- Analyzing security logs and detecting anomalies
Network Traffic Analysis
- Understanding network traffic and packet analysis
- Using Wireshark for packet inspection
- Detecting network intrusions and suspicious activity
Threat Intelligence and Indicators of Compromise (IoCs)
- Introduction to threat intelligence
- Identifying and analyzing IoCs
- Threat hunting techniques and best practices
Incident Detection and Response
- Incident response lifecycle and frameworks
- Analyzing security incidents and containment strategies
- Forensic investigation and malware analysis fundamentals
Security Operations Center (SOC) and Best Practices
- Understanding SOC structure and workflows
- Automating security operations with scripts and playbooks
- Blue Team collaboration with Red Team and Purple Team exercises
Summary and Next Steps
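The outline above treats SIEM log analysis, IoC matching, ATT&CK mapping and scripted automation as separate modules, but in a SOC they run as one pipeline: normalise raw events, apply detection logic, enrich with threat intelligence, tag the result with a technique ID and hand it to the incident queue. The following Python script is an added illustration of that workflow and is not part of the course material. The sshd auth-log lines, hostnames and IP addresses (RFC 5737 documentation ranges) are constructed, the IoC watchlist is made up, the year used to complete the year-less syslog timestamps is assumed, and the brute-force threshold and window are illustrative values to be tuned against a real environment's baseline.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sshd-style auth log in traditional syslog format. Hostnames and
# addresses are made up; the IPs come from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
Mar 10 09:12:01 web01 sshd[2231]: Failed password for invalid user admin from 203.0.113.7 port 51122 ssh2
Mar 10 09:12:03 web01 sshd[2231]: Failed password for invalid user admin from 203.0.113.7 port 51130 ssh2
Mar 10 09:12:05 web01 sshd[2231]: Failed password for root from 203.0.113.7 port 51141 ssh2
Mar 10 09:12:06 web01 sshd[2231]: Failed password for root from 203.0.113.7 port 51150 ssh2
Mar 10 09:12:08 web01 sshd[2231]: Failed password for root from 203.0.113.7 port 51162 ssh2
Mar 10 09:12:09 web01 sshd[2240]: Accepted password for root from 203.0.113.7 port 51170 ssh2
Mar 10 09:15:44 web01 sshd[2302]: Failed password for alice from 198.51.100.21 port 40002 ssh2
Mar 10 09:16:01 web01 sshd[2310]: Accepted publickey for alice from 198.51.100.21 port 40010 ssh2
Mar 10 09:20:00 web01 sshd[2355]: Accepted password for bob from 192.0.2.55 port 33001 ssh2
"""

# Constructed IoC watchlist, standing in for a feed from a threat-intel platform.
IOC_IPS = {"192.0.2.55"}

# Parser for the two sshd outcomes we care about; everything else is ignored.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2}\s+\d\d:\d\d:\d\d)\s+(?P<host>\S+)\s+sshd\[\d+\]:\s+"
    r"(?P<result>Failed|Accepted)\s+(?P<method>\w+)\s+for\s+(?:invalid user\s+)?"
    r"(?P<user>\S+)\s+from\s+(?P<src>\d{1,3}(?:\.\d{1,3}){3})\s+port\s+(?P<port>\d+)"
)


def parse(log_text, year=2024):
    """Normalise raw lines into event dicts, as a SIEM's parser does on ingest.
    Traditional syslog timestamps carry no year, so one is assumed (default 2024)."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # unparseable lines are dropped here; a real SIEM would count them
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append({
            "ts": ts, "host": m["host"], "result": m["result"], "method": m["method"],
            "user": m["user"], "src": m["src"], "port": int(m["port"]),
        })
    return events


def detect_brute_force(events, threshold=5, window_s=60):
    """Flag a source that accumulates >= threshold failed logins within window_s seconds
    and then logs in successfully: ATT&CK T1110 (Brute Force) leading to T1078 (Valid
    Accounts). The threshold and window are illustrative, not recommended values."""
    failures = defaultdict(list)  # src ip -> timestamps of failures still inside the window
    findings = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        src = ev["src"]
        # drop failures that have aged out of the sliding window
        failures[src] = [t for t in failures[src] if (ev["ts"] - t).total_seconds() <= window_s]
        if ev["result"] == "Failed":
            failures[src].append(ev["ts"])
        elif len(failures[src]) >= threshold:  # an Accepted login right after a burst of failures
            findings.append({
                "rule": "ssh_bruteforce_then_success",
                "attack": ["T1110", "T1078"],
                "host": ev["host"], "src": src, "user": ev["user"],
                "failures": len(failures[src]), "ts": ev["ts"].isoformat(),
            })
            failures[src].clear()  # do not re-alert on the same burst
    return findings


def match_iocs(events, ioc_ips):
    """Any event whose source address is on the watchlist is a finding regardless of
    outcome; only a successful login from a listed address is mapped to T1078."""
    return [{
        "rule": "ioc_source_ip",
        "attack": ["T1078"] if ev["result"] == "Accepted" else [],
        "host": ev["host"], "src": ev["src"], "user": ev["user"],
        "result": ev["result"], "ts": ev["ts"].isoformat(),
    } for ev in events if ev["src"] in ioc_ips]


def analyze(log_text=SAMPLE_LOG, ioc_ips=IOC_IPS):
    """Run both detections over the log; brute-force findings come first, then IoC hits."""
    events = parse(log_text)
    return detect_brute_force(events) + match_iocs(events, ioc_ips)


if __name__ == "__main__":
    import json
    for finding in analyze():
        print(json.dumps(finding))
```

Run as-is it prints two findings: the password spray against web01 from 203.0.113.7 that ends in a root login, and bob's login from the watchlisted address. Note what the sliding window buys you: alice's single failure followed by a key-based login is not flagged at the default threshold, and the IoC match fires even though nothing about that login looks anomalous on its own, which is exactly the case where threat intelligence adds something log analysis cannot.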
Requirements
- Basic understanding of cybersecurity concepts
- Familiarity with networking fundamentals (TCP/IP, firewalls, IDS/IPS)
- Experience with Linux and Windows operating systems
Audience
- Security analysts
- IT administrators
- Cybersecurity professionals
- Network defenders
Testimonials (4)
The trainer was very knowledgeable and took time to give a very good insight into cyber security issues. A lot of these examples could be used or modified for our learners to create some very engaging lesson activities.
Jenna - Merthyr College
Course - Fundamentals of Corporate Cyber Warfare
Pentester skills that the teacher demonstrated.
Oleksii Adamovych - EY GLOBAL SERVICES (POLAND) SP Z O O
Course - Ethical Hacker
The instructor has a very wide range of knowledge and is committed to what he does. He is able to interest the listener with his course. The scope of the training fully met my expectations.
Karolina Pfajfer - EY GLOBAL SERVICES (POLAND) SP Z O O
Course - MasterClass Certified Ethical Hacker Program
All is excellent
Manar Abu Talib - Dubai Electronic Security Center
Course - MITRE ATT&CK
Related Courses
Cyber Defence (SOC) Analyst Foundation
7 Hours
This instructor-led, live training in Uzbekistan (online or onsite) is aimed at beginner to intermediate-level security analysts and system administrators who wish to establish a foundational understanding of Cyber Defence (SOC) analysis.
By the end of this training, participants will be able to:
- Understand the principles of Security Management in a Cyber Defence context.
- Execute effective Incident Response strategies to mitigate security incidents.
- Implement Security Education practices to enhance organizational awareness and preparedness.
- Manage and analyze Security Information for proactive threat identification.
- Utilize Event Management techniques to monitor and respond to security events.
- Implement Vulnerability Management processes to identify and address system vulnerabilities.
- Develop skills in Threat Detection to identify and respond to potential cyber threats.
- Participate in Simulated Attacks to test and improve incident response capabilities.
CHFI - Certified Digital Forensics Examiner
35 Hours
The Certified Digital Forensics Examiner vendor-neutral certification is designed to train cyber crime and fraud investigators. This program equips students with the skills needed for electronic discovery and advanced investigation techniques, making it essential for anyone who encounters digital evidence during an investigation.
The training for the Certified Digital Forensics Examiner covers the methodology required to conduct a computer forensic examination. Students will learn forensically sound investigative methods to assess the scene, collect and document all relevant information, interview key personnel, maintain the chain of custody, and write a comprehensive findings report.
The Certified Digital Forensics Examiner course is beneficial for organizations, individuals, government offices, and law enforcement agencies that are interested in pursuing litigation, proving guilt, or taking corrective action based on digital evidence.
Mastering Continuous Threat Exposure Management (CTEM)
28 Hours
This instructor-led, live training in Uzbekistan (online or onsite) is aimed at intermediate-level cybersecurity professionals who wish to implement CTEM in their organizations.
By the end of this training, participants will be able to:
- Understand the principles and stages of CTEM.
- Identify and prioritize risks using CTEM methodologies.
- Integrate CTEM practices into existing security protocols.
- Utilize tools and technologies for continuous threat management.
- Develop strategies to validate and improve security measures continuously.
Cyber Emergency Response Team (CERT)
7 Hours
This course explores how to effectively manage an incident response team. It covers the role of the first responder, especially considering the increasing frequency and complexity of today's cyber attacks. Incident response serves as the final line of defense for organizations, making it a critical function.
Detecting and responding efficiently to incidents demands robust management processes. Managing an incident response team requires specialized skills and knowledge to ensure that the organization is well-prepared and responsive.
Cyber Threat Intelligence
35 Hours
This instructor-led, live training in Uzbekistan (online or onsite) is aimed at advanced-level cyber security professionals who wish to understand Cyber Threat Intelligence and learn skills to effectively manage and mitigate cyber threats.
By the end of this training, participants will be able to:
- Understand the fundamentals of Cyber Threat Intelligence (CTI).
- Analyze the current cyber threat landscape.
- Collect and process intelligence data.
- Perform advanced threat analysis.
- Leverage Threat Intelligence Platforms (TIPs) and automate threat intelligence processes.
Fundamentals of Corporate Cyber Warfare
14 Hours
This instructor-led, live training in Uzbekistan (online or onsite) covers the different aspects of enterprise security, from AI to database security. It also includes coverage of the latest tools, processes and mindset needed to protect from attacks.
Digital Investigations - Advanced
21 Hours
In this course, you will explore the fundamental principles and techniques used in digital forensics investigations, along with a wide range of computer forensics tools. You will gain an understanding of core forensic procedures to ensure that evidence is admissible in court, as well as delve into the legal and ethical implications of these practices.
You will learn how to conduct forensic investigations on both Unix/Linux and Windows systems, including various file systems. The course also covers advanced topics such as wireless, network, web, database, and mobile crime investigations.
Ethical Hacker
35 Hours
This class will immerse students into an interactive environment where they will learn how to scan, test, hack, and secure their own systems. The lab-intensive setting provides each student with in-depth knowledge and practical experience with essential security systems. Students will start by understanding how perimeter defenses function and then move on to scanning and attacking their own networks—no real network is compromised. They will also learn how intruders escalate privileges and the steps that can be taken to secure a system. Additionally, students will explore Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows, and Virus Creation. By the end of this intensive 5-day course, students will have hands-on understanding and practical experience in Ethical Hacking.
The purpose of the Ethical Hacking Training is to:
- Establish and govern minimum standards for credentialing professional information security specialists in ethical hacking measures.
- Inform the public that credentialed individuals meet or exceed these minimum standards.
- Reinforce ethical hacking as a unique and self-regulating profession.
Audience:
This course is ideal for professionals in positions such as, but not limited to:
- Security Engineers
- Security Consultants
- Security Managers
- IT Directors/Managers
- Security Auditors
- IT Systems Administrators
- IT Network Administrators
- Network Architects
- Developers
Certified Lead Ethical Hacker
35 Hours
Why should you attend?
The Certified Lead Ethical Hacker training course equips you with the essential expertise to conduct information system penetration tests using recognized principles, procedures, and techniques. This helps identify potential threats on a computer network. Throughout the course, you will acquire the knowledge and skills needed to manage a penetration testing project or team, as well as plan and execute both internal and external pentests, in line with standards such as the Penetration Testing Execution Standard (PTES) and the Open Source Security Testing Methodology Manual (OSSTMM). Additionally, you will gain a comprehensive understanding of how to draft reports and propose countermeasures. Through practical exercises, you will master penetration testing techniques and develop the skills required to manage a pentest team, handle customer communication, and resolve conflicts.
The Certified Lead Ethical Hacker training course offers a technical perspective on information security through ethical hacking, using common methods such as information gathering and vulnerability detection, both inside and outside business networks.
This training aligns with the Protect and Defend category of the NICE (National Initiative for Cybersecurity Education) framework.
After acquiring the necessary knowledge and skills in ethical hacking, you can sit for the exam and apply for the "PECB Certified Lead Ethical Hacker" credential. Holding a PECB Lead Ethical Hacker certificate will demonstrate your proficiency in performing and managing penetration tests according to best practices.
Who should attend?
- Individuals interested in IT Security, especially in Ethical Hacking, whether to deepen their understanding or embark on a career change.
- Information security officers and professionals aiming to master ethical hacking and penetration testing techniques.
- Managers or consultants looking to gain control over the penetration testing process.
- Auditors who wish to conduct professional penetration tests.
- Those responsible for securing information systems within an organization.
- Technical experts interested in learning how to prepare a pentest.
- Cybersecurity professionals and members of information security teams.
Understanding and Managing the Threat of Malware
7 Hours
This instructor-led, live training in Uzbekistan (online or onsite) is aimed at computer users who wish to understand malware and take appropriate measures to minimize its threat.
By the end of this training, participants will be able to:
- Understand the concept of malware.
- Identify the different types of malware.
- Take the necessary steps to mitigate malware (procedural, technological, awareness, etc.).
Malware Analysis (PCAP)
35 Hours
Format of the Course
- Interactive lectures and discussions.
- Plenty of exercises and practical sessions.
- Hands-on implementation in a live-lab environment.
Course Customization Options
- To request a customized training for this course, please contact us to arrange the details.
MasterClass Certified Ethical Hacker Program
28 Hours
The Certified Ethical Hacker certification is highly sought after in the field of cybersecurity worldwide.
This program combines instruction and practical exercises to prepare students for both the CEH certification exam and the CEH Practical Exam. Successfully passing both exams will earn candidates the prestigious CEH Master credential along with their CEH certification.
Students have the option to add either the CPENT or the CHFI course to their package.
Each student will receive training for either the Certified Penetration Testing Professional (CPENT) course or the Computer Hacking Forensic Investigator (CHFI) course through EC-Council’s online, self-paced, streaming video program.
CPENT (Pen-test):
This course teaches students how to apply the concepts and tools from the CEH program to a penetration testing methodology in a live cyber range environment.
CHFI (Computer Forensics):
This course provides a methodological approach to computer forensics, including techniques for searching and seizing evidence, maintaining the chain of custody, acquiring, preserving, analyzing, and reporting digital evidence.
Course Description
The CEH program offers an in-depth understanding of ethical hacking phases, various attack vectors, and preventive countermeasures. It teaches you how hackers think and act maliciously so that you can better position yourself to set up your security infrastructure and defend against future attacks. Understanding system weaknesses and vulnerabilities helps organizations strengthen their system security controls to minimize the risk of an incident.
The CEH program is designed with a hands-on approach and systematic process across each ethical hacking domain and methodology, providing you with the opportunity to demonstrate the knowledge and skills needed to achieve the CEH credential. You will gain a new perspective on the responsibilities and measures required to ensure security.
Who Should Attend
- Law enforcement personnel
- System administrators
- Security officers
- Defense and military personnel
- Legal professionals
- Bankers
- Security professionals
About the Certified Ethical Hacker Master
To earn the CEH Master certification, you must pass the CEH Practical exam. The CEH Practical Exam is designed to test students' ability to apply the principles taught in the CEH course. This practical exam requires you to demonstrate your skills in ethical hacking techniques such as threat vector identification, network scanning, OS detection, vulnerability analysis, system hacking, and more.
The CEH Practical Exam does not involve simulations. Instead, you will face a live range that mimics a corporate network using live virtual machines, networks, and applications.
Successfully completing the challenges in the CEH Practical Exam is the next step after obtaining the Certified Ethical Hacker (CEH) certification. Passing both the CEH exam and the CEH Practical will earn you the additional certification of CEH Master.
About the Certified Ethical Hacker Practical
To demonstrate your skills in ethical hacking, we test your abilities with real-world challenges in a live environment. You will use labs and tools to complete specific ethical hacking tasks within a time limit, just as you would encounter in the real world.
The EC-Council CEH (Practical) exam features a complex network that replicates a large organization's real-life network, including various systems such as DMZs and firewalls. You must apply your ethical hacking skills to discover and exploit vulnerabilities in real time while also auditing the systems.
About CPENT
EC-Council's Certified Penetration Testing Professional (CPENT) program focuses on penetration testing in an enterprise network environment. It teaches you how to attack, exploit, evade, and defend such networks. If you have only worked with flat networks, CPENT's live practice range will elevate your skills by teaching you to test IoT systems, OT systems, write your own exploits, build tools, conduct advanced binary exploitation, double pivot to access hidden networks, and customize scripts and exploits to penetrate the innermost segments of a network.
About CHFI
The Computer Hacking Forensic Investigator (CHFI) course provides a vendor-neutral perspective on digital forensics. It covers major forensic investigation scenarios and equips students with hands-on experience in various forensic techniques and standard tools necessary for conducting successful computer forensic investigations.
MITRE ATT&CK
7 Hours
This instructor-led, live training in Uzbekistan (online or onsite) is aimed at information system analysts who wish to use MITRE ATT&CK to decrease the risk of a security compromise.
By the end of this training, participants will be able to:
- Set up the necessary development environment to start implementing MITRE ATT&CK.
- Classify how attackers interact with systems.
- Document adversary behaviors within systems.
- Track attacks, decipher patterns, and rate defense tools already in place.
SC-200T00: Microsoft Security Operations Analyst
28 Hours
Discover how to investigate, respond to, and actively hunt for cyber threats using Microsoft Azure Sentinel, Azure Defender, and Microsoft 365 Defender (these products have since been renamed Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft Defender XDR; the skills list below uses the names current when the course was written). This course will guide you through the process of mitigating cyber risks using these technologies. You will learn how to set up and use Azure Sentinel effectively, as well as master Kusto Query Language (KQL) for detection, analysis, and reporting. The course is tailored for individuals in Security Operations roles and helps prepare you for the SC-200: Microsoft Security Operations Analyst exam.
Audience Profile
The Microsoft Security Operations Analyst works closely with organizational stakeholders to secure information technology systems. Their primary goal is to minimize organizational risk by quickly addressing active attacks, suggesting improvements to threat protection practices, and reporting policy violations to the appropriate parties. Responsibilities include managing threats, monitoring, and responding to incidents using a variety of security solutions across the organization's environment. The Security Operations Analyst primarily investigates, responds to, and hunts for threats using Microsoft Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party security products. As they rely on the operational output of these tools, they also play a crucial role in their configuration and deployment.
Job role: Security Engineer
Preparation for exam: SC-200
Skills gained
- Explain how Microsoft Defender for Endpoint can help mitigate risks in your environment
- Create a Microsoft Defender for Endpoint setup
- Set up Attack Surface Reduction rules on Windows 10 devices
- Perform actions on a device using Microsoft Defender for Endpoint
- Investigate domains and IP addresses within Microsoft Defender for Endpoint
- Examine user accounts in Microsoft Defender for Endpoint
- Configure alert settings in Microsoft Defender for Endpoint
- Understand how the threat landscape is evolving
- Conduct advanced hunting in Microsoft 365 Defender
- Manage incidents in Microsoft 365 Defender
- Explain how Microsoft Defender for Identity can help mitigate risks in your environment
- Investigate DLP alerts in Microsoft Cloud App Security
- Describe the actions you can take on an insider risk management case
- Set up auto-provisioning in Azure Defender
- Address alerts in Azure Defender
- Create KQL statements
- Filter searches by event time, severity, domain, and other relevant data using KQL
- Extract data from unstructured string fields with KQL
- Manage an Azure Sentinel workspace
- Use KQL to access the watchlist in Azure Sentinel
- Manage threat indicators in Azure Sentinel
- Explain the differences between Common Event Format and Syslog connectors in Azure Sentinel
- Connect Azure Windows Virtual Machines to Azure Sentinel
- Configure the Log Analytics agent to collect Sysmon events
- Create new analytics rules and queries using the analytics rule wizard
- Create a playbook to automate incident response
- Use queries to hunt for threats
- Monitor threats over time with livestream
Social Engineering
14 Hours
This instructor-led, live training in Uzbekistan (online or onsite) is aimed at information analysts who wish to learn the techniques and processes behind social engineering so as to protect sensitive company information.
By the end of this training, participants will be able to:
- Set up the necessary development environment to start creating custom malware.
- Backdoor legitimate web applications without being detected.
- Deliver malicious files disguised as ordinary file types.
- Use social engineering techniques to lead targets into a fake website.