Course Content

1. Wireshark: Capturing and Dissecting SOC Network Traffic (5 lessons)
   1. Capture Live Traffic and Apply Capture vs. Display Filters (30 min)
   2. Dissect TCP Three-Way Handshake and Follow TCP Streams (28 min)
   3. Decode DNS, HTTP, and TLS Handshakes for IOCs (30 min)
   4. Identify Beaconing, Port Scans, and Exfiltration in PCAPs (30 min)
   5. Integrate Wireshark Findings into a SOC Triage Report (30 min)

2. Nmap: Reconnaissance and Attack Surface Mapping from the SOC Side (5 lessons)
   1. Discover Live Hosts with Ping Sweeps and ARP Scans (28 min)
   2. Run TCP SYN, UDP, and Version Scans to Fingerprint Services (30 min)
   3. Automate Enumeration with the Nmap Scripting Engine (NSE) (30 min)
   4. Detect and Log Nmap Scans from the Defender's Perspective (30 min)
   5. Build an Attack-Surface Map and Detection Baseline (32 min)

3. Nessus and OpenVAS: Vulnerability Scanning and CVSS Triage (4 lessons)

4. Threat Detection and Incident Response (4 lessons)

5.