SOC100-1: Prepare

125 questions. 2.5 hours. 80% to pass. Three attempts included in SOC100-1 purchase or can be purchased individually.

This badge signifies a practical and applied understanding of the following areas, essential for a SOC Tier 1 Analyst testing you on the following:

• Windows Operating System: Proficiency in navigating and managing Windows, including user and file permissions, registry edits, scripting, and system troubleshooting.
• Linux Operating System: Practical expertise in Linux file systems, terminal operations, process management, scripting, and system administration.
• Networking: Solid foundation in networking concepts, including protocols, subnetting, packet analysis, and using tools like Nmap and Wireshark for traffic analysis.
• Enterprise Network Administration: Experience configuring and managing domain environments, implementing security policies, automating tasks, and enhancing endpoint logging.

This badge also tests you on knowledge you would only have been able to gain by completing the contents of these modules in SOC100-1 or have gained in the field:

• HelpDesk Operations: Hands-on skills in resolving real-world IT support tickets involving performance diagnostics, network issues, and security concerns.
• Home Lab Development: Knowledge and practical application of building and managing a home lab for continuous learning and career growth. 

Link to public digital badge here.

SOC100-2: Train

Holders of this badge have demonstrated the working and applied knowledge of SOC Analyst Tier 1 triage competencies, and related technical knowledge:

• GRC
• Cryptography
• Email / Malspam Analysis
• Log & Event Analysis with SIEM
• Compromised Windows Endpoint Triage
• Technical Report Writing
• Cyber Threat Intelligence
• Building a Malware Analysis Lab

Available Feb 17th 2025.

SOC100-3: Defend

Note - this is an ENTIRELY practical certification. You must complete the SOC100-3 Virtual SOC on your own to achieve this. No multiple-choice.

Holders of this badge have demonstrated the ability to perform digital forensics and incident response (DFIR) as it would pertain to a SOC Tier 1 Analyst and understand the workings of SOC triaging incidents testing the following competencies

• Network Traffic Analysis
• Email Security Analysis
• Compromised Host (Windows)
• Binary Analysis (Static & Dynamic)
• Log & Event Analysis
• Cyber Threat Intelligence

Available Feb 15th 2025.

SOC100-4: Certify

Holders of this badge have demonstrated the ability to work through a variety of common Tier 1 triage scenarios as it would pertain to the following activity areas along typical attack lifecycles.

• Persistence Activity
• Process Activity
• Network Activity

Available end of Feb 2025.

SOC100-5: Advance

Holders of this badge have demonstrated the working and applied knowledge of the fundamentals of advanced training beyond SOC Tier 1 Analyst domains:

• Pentesting
• Reverse Engineering
• Threat Hunting
• Detection Engineering
  
• Defensive PowerShell
• Defensive Python
• Cloud Security
• DevSecOps
• AppSec

Available April 2025.