
SOC Level 1
- Aug 17–20, 2026 · Live Remote Online
- Nov 2–5, 2026 · Live Remote Online
Contact IT Dojo for current pricing, available dates, and a custom quote tailored to your team or organization.
Course Duration
4 days
Audience
Employees of federal, state and local governments, and businesses working with the government.
Prerequisites
Completion of the Practical Help Desk course, CompTIA A+/Network+ equivalent, or familiarity with: basic Windows and Linux OS components, command-line navigation, network concepts (subnets, NAT, routing), and foundational security concepts (CIA triad, encryption, hashing). System requirements: 8GB RAM, 256GB HDD, up-to-date OS and internet browser, stable internet connection.
Course Description
Take your SOC analyst skills to the next level with four full days of intensive live training, labs, and challenges designed to build the foundational skills essential for success in defensive security operations. This course provides deep, practical coverage of monitoring, detection, analysis, and incident response across key areas including phishing, network security, endpoint protection, SIEM management, threat intelligence, and DFIR (Digital Forensics and Incident Response). By the end of the training, you will have a comprehensive understanding of Security Operations Center functions and investigative techniques developed through real-world scenarios that reflect the demands placed on today's SOC professionals. This course includes an Exam Voucher for TCM Security's Practical SOC Analyst Associate (PSAA) certification. Each exam voucher includes 1 exam attempt and is valid for 12 months from the course completion date.
Learning Objectives
- Security Operations Fundamentals
- Phishing Analysis
- Network Security Monitoring
- Network Traffic Analysis
- Endpoint Security Monitoring
- Endpoint Detection and Response
- Log Analysis and Management
- Security Information and Event Management (SIEM)
- Threat Intelligence
- Digital Forensics
- Incident Response
Course Outline
Day 1 – SOC Fundamentals and Phishing Analysis
- Class Introduction, Lab Access, Setup, and Configuration
- Understanding the SOC
- Understanding Phishing Attacks and Techniques
- Email Analysis
- URL Analysis
- Attachment Analysis
- MalDoc Analysis
- Phishing Defenses
- Understanding Packets and Flows
- Network Traffic Analysis with TCPDump
- Network Traffic Analysis with Wireshark
Day 2 – Endpoint Security and SIEM
- Understanding Endpoint Security
- Windows: Hunting Malicious Network Connections and Processes
- Live IR with SysInternals and Autoruns
- Windows: Understanding Core Processes and Hunting Persistence
- Linux: Hunting Malicious Network Connections and Processes
- Linux: Understanding Core Processes and Hunting Persistence
- Understanding the SIEM
- Common Attack Signatures
- Command Line Log Analysis
Day 3 – Splunk and Threat Intelligence
- Splunk Introduction and Search Processing Language
- Search Commands, Reporting, Alerting, and Dashboards
- Investigating Intrusions with Splunk
- Deploying Splunk Forwarders
- Understanding Threat Intelligence and Frameworks
- MITRE ATT&CK
- Detecting Malware with YARA: Reading and Writing YARA Rules
Day 4 – Digital Forensics and Incident Response
- Understanding Digital Forensics Investigations
- Disk Image Acquisition with FTK Imager
- Memory Acquisition with FTK Imager
- Windows Forensic Artifacts
- Forensic Image Analysis with Autopsy
- Memory Analysis with Volatility
- The Incident Response Process
Frequently Asked Questions
What does the SOC Level 1 course cover?
Take your SOC analyst skills to the next level with four full days of intensive live training, labs, and challenges designed to build the foundational skills essential for success in defensive security operations. IT Dojo delivers it as live instructor-led training for government and business professionals.
How long is IT Dojo's SOC Level 1 training?
SOC Level 1 is a 4-day course. It is available as live remote online instruction or on-site at your facility.
Is this course available as live remote online training?
Yes. IT Dojo offers SOC Level 1 as live remote online training led in real time by a certified instructor. On-site delivery at your government facility or contractor location is also available.
Who should attend this course?
Aspiring and junior SOC analysts, IT professionals transitioning into defensive security roles, and security professionals seeking to build foundational SOC skills.
Does SOC Level 1 prepare students for a certification?
Yes. SOC Level 1 maps to the PSAA – Practical SOC Analyst Associate credential. IT Dojo's instructor-led training is built to prepare students for the exam.
Does IT Dojo offer this training on-site at government or DoD facilities?
Yes. IT Dojo delivers SOC Level 1 on-site at government agencies, DoD commands, military installations, and contractor facilities. On-site training is ideal for teams and can be customized to your organization's workflows. Contact IT Dojo to schedule.
How do I register for this course?
IT Dojo training is employer sponsored. Your organization registers and pays for seats. To schedule SOC Level 1 for your team, contact IT Dojo via the Request Training form or call 757-216-3656.