The PAP certification, released by TCM security, is an intermediate-level exam that assesses threat hunting and incident response skills. The exam simulates a real-world scenario where the candidate must investigate a suspected intrusion into Agate Industries' network. To prepare for the exam, candidates should have a good understanding of threat hunting and incident response methodologies, as well as experience with tools such as Splunk. The PAP certification is designed to be taken after completing the SOCK 2011 course, which provides a foundation in threat hunting and incident response. The exam consists of three days of analysis followed by two days to write and submit a report on the findings.
Introduction The video transcript appears to be from a live stream on YouTube, where the host discusses various topics related to cybersecurity and threat hunting. The host introduces himself and welcomes viewers to the stream, which is part of TCM’s (TCM Security) Wednesday at 12 noon weekly stream. Key Facts
- TCM has released a new certification called PAP (Practical Sock Analyst Professional), which is an intermediate-level exam for threat hunting and incident response.
- The PAP exam assesses the candidate’s ability to proactively identify intrusions, reconstruct attacker activity, and develop an actionable way to contain and eradicate threats.
- The exam environment is a simulated intrusion scenario where the candidate must investigate whether Fuzzy Koala (a state-sponsored threat group) has gained access to Agate Industries’ network.
- The candidate will have 3 days to complete the analysis and then an additional 2 days to write and submit the report.
- The PAP exam is designed to test the candidate’s ability to think like a threat hunter, not just collect indicators of compromise.
- The course materials for SOCK 2011 are available on TCM’s platform, but they do not contain answers to the exam questions.
- The host recommends that candidates have a good understanding of SOCK workflows and tools before taking the PAP exam.
Conclusion The video transcript covers various topics related to cybersecurity and threat hunting, including the release of the PAP certification, the exam environment, and tips for preparing for the exam. The host also discusses other topics such as Black Friday sales, resources available on TCM’s platform, and recommendations for books and courses.
