SOC-200

Learn the foundations of cybersecurity defense with OffSec's new SOC-200 course on Security Operations

Now enjoy more flexibility and go at your own pace with a Learn subscription.

Security Operations and Defensive Analysis (SOC-200)

Learn the foundations of cybersecurity defense with Offensive Security’s new Security Operations and Defensive Analysis (SOC-200) course designed for job roles such as Security Operations Center (SOC) Junior Analysts and Threat Hunters.

OffSec set the industry standard with Penetration Testing with Kali Linux (PWK), teaching students how to perform practical attacks against networks and systems. Now with SOC-200 we reveal the consequences of common attacks from a defensive perspective.

Students who complete the course and pass the associated exam earn the Offensive Security Defense Analyst (OSDA) certification, demonstrating their ability to detect and assess security incidents.

More Topics, such as how to use a SIEM system, are coming soon to SOC-200!

How to buy SOC-200

NEW!

Learn One

$2499

  • One course
  • 365 days of lab access
  • Two exam attempts
  • Plus exclusive content

NEW!

Learn Unlimited

$5499

  • All online courses*
  • 365 days of lab access
  • Unlimited exam attempts
  • Plus exclusive content


* Applies to online courses only. AWE (EXP-401) is only taught in live classes.

Course Info

Benefits

Students will learn how to:

  • Understand how attackers operate with the MITRE ATT&CK® framework
  • Audit Windows and Linux endpoints
  • Review common attacks
  • Use a SIEM to track adversaries

About the exam

  • The OSDA exam cannot be scheduled at this time
  • The SOC-200 course prepares you for the OSDA certification
  • Proctored
  • More details coming soon

Who is the course for?

  • Job roles such as Security Operations Center (SOC) Analysts, and junior roles as Threat Hunting, Threat Intelligence, and Digital Forensics and Incident Response (DFIR) Analysts
  • Anyone interested in detection and security operations, and/or committed to the defense or security of enterprise networks

Course prerequisites

  • All prerequisites for SOC-200 can be found within the OffSec Fundamentals Program, included with a Learn subscription
  • Prerequisite Topics include:
    • SOC-100: Linux Basics 1 & 2
    • SOC-100: Windows Basics 1 & 2
    • SOC-100: Networking Basics

New Training Subscriptions

LEARN ONE and LEARN UNLIMITED

Enjoy flexible learning options with the new Offensive Security Training Library subscriptions: Learn One and Learn Unlimited.

LEARN ONE and LEARN UNLIMITED - Now with DOWNLOADS!

Course Details

COURSE OVERVIEW

This course covers the following Topics. View the SOC-200 syllabus.

  • Attacker Methodology Introduction
  • Windows Endpoint Introduction
  • Windows Server Side Attacks
  • Windows Client Side Attacks
  • Windows Privilege Escalation
  • Linux Endpoint Introduction
  • Linux Server Side Attacks
  • Linux Privilege Escalation
  • Enterprise Network Architecture
  • SOC Management Processes
  • Network Detections
  • Windows Persistence – targeting Q1 2022
  • Antivirus Alerts and Evasion – targeting Q1 2022
  • Network Evasion and Tunneling – targeting Q1 2022
  • Active Directory Enumeration – targeting Q1 2022
  • Windows Lateral Movement – targeting Q2 2022
  • Active Directory Persistence – targeting Q2 2022
  • SIEM pt 1: Introduction to ELK – targeting Q2 2022
  • SIEM pt 2: Combining the Logs – targeting Q2 2022
  • Challenge labs release 1 – targeting Q2 2022
  • Challenge labs release 2 – targeting Q2 2022
  • Exam – targeting end of Q2 2022

EXPLANATION OF TERMS

Topics: All SOC-200 Topics contain text, videos, and exercises in the OffSec Training Library. Note that videos may or may not be released at the same time as the text.

Topic Lab Machines: Lab machines that are included with each Topic relate to that Topic’s hands-on exercises and help students apply the skills they’ve learned to a specific subject matter. The scope of a Topic machine is simply that machine’s Topic. Topic Lab Machines are released together with the topic text.

Exercises: Topics include both question-and-answer type exercises, as well as hands-on exercises with Lab machines.

Challenge Labs: Challenge Labs are additional sets of machines that allow students to apply the techniques and skills they have learned in the whole course to novel scenarios. They are meant to consolidate the knowledge contained in the course material and Topic Labs. The scope of a Challenge Lab is the full course content.

WHAT COMPETENCIES WILL YOU GAIN?

  • Students will get hands-on experience investigating malicious activity
  • Students will learn about attack surfaces and how they can be reduced
  • Students will develop a working knowledge of security operations and best practices


The new Fundamental content covered in SOC-100, included with a Learn subscription, prepares you to take SOC-200. Topics include:

  • Enterprise Network Architecture
  • SOC Management Processes

With more Topics added frequently!

Course Pricing

All prices in US dollars. Subscribe to Learn One or contact our training consultants if you're purchasing Learn Unlimited.
