Introduction to TryHackMe SAL1 Certification
TryHackMe has recently introduced the Security Analyst Level 1 (SAL1) certification, aiming to equip individuals with foundational skills essential for Security Operations Center (SOC) roles. Developed in collaboration with industry leaders like Accenture and Salesforce, this certification emphasizes practical, hands-on experience within a virtual SOC environment.
Certification Overview:
- Objective: The SAL1 certification is designed to validate the baseline skills and competencies required to excel in a SOC setting, focusing on real-world scenarios and challenges.
- Development: Created with input from employers and experts, the certification ensures alignment with industry needs and expectations.
TryHackMe SAL1 Exam Structure
3 Sections:
1️⃣ Multiple Choice (1 hour, 80 questions) – Covers cybersecurity concepts from the learning path.
2️⃣ Hands-on Investigation (2 hours) – Simulates real SOC tasks (triaging alerts, investigating incidents, and reporting findings).
3️⃣ Case Report (2 hours) – Document and analyze security incidents.
🔹 Passing Score: 750/1000
🔹 Time Limit: 24 hours to complete all sections
🔹 1 Free Retake
TryHackMe SAL1 Study Notes & Guide
TryHackMe SAL1 Study Notes is designed as a comprehensive guide for cybersecurity beginners and those preparing for the TryHackMe SAL1 exam. It provides structured study materials covering security foundations, networking, operating systems, cybersecurity tools, digital forensics, cryptography, ethical hacking, and security analysis.
Table of Contents
🔹 Introduction
About This Study Guide
About The Exam
Exam Structure
🔹 Security Foundations
CIA Triad (Confidentiality, Integrity, Availability)
DAD Model (Disclosure, Alteration, Destruction)
Access Control & Security Principles
Defense in Depth & Security Standards
🔹 Web & Networking
Networking Protocols (TCP/IP, OSI Model)
IP Addressing (IPv4 vs. IPv6, Subnetting)
Common Network Attacks & Defenses
HTTP & HTTPS Basics
Load Balancers, SCADA, IoT
🔹 Operating Systems
Windows System & Process Management
Windows Event Logs, Security Logs
Linux File & Process Management
Linux Network & User Administration
🔹 Programming & Scripting
SQL Fundamentals & Database Management
PowerShell Commands & Automation
JavaScript Basics & Web Exploits
🔹 Cybersecurity & Ethical Hacking
Active Directory Security
Cyber Defense Frameworks (MITRE ATT&CK, NIST)
Cyber Kill Chain & Attack Methodologies
Common Malicious Behaviors (Phishing, Malware)
🔹 Penetration Testing & Forensics
Packet Analysis & Wireshark
Port Scanning & Nmap
Cryptographic Algorithms & Hashing
Password Cracking (JohnTheRipper, Hydra)
SQL Injection, XSS, SSRF, Command Injection
🔹 Security Operations & Incident Response
SOC Analyst Responsibilities
Log Analysis & SIEM Tools (Splunk, ELK)
Vulnerability Scanning & Threat Hunting
Digital Forensics Techniques
Page count: 522
Format: PDF
Testimonials (LinkedIn)
How to buy the study notes?
You can buy the booklet directly by clicking on the button below
After you buy the booklet, you will be able to download the PDF booklet along with the markup files if you want to import them to Obsidian software.
What about the notes updates?
if you have been watching my YouTube Channel, you definitely know that those who subscribe to the second tier of my channel membership they instantly get access to a vast catalog of cybersecurity, penetration testing, digital marketing, system administration and data analytics notes catalog for 10$ along with the ability to receive all notes updates as long as they are subscribed so what does that mean?
This means if you want to stay up to date with the changes and updates to the notes and get access to other categories, I encourage to join the channel membership second tier instead. However, if you are fine with downloading the current version of this section of the notes then you can buy this booklet instead for a one-time payment.
Will the prices of this booklet change in the future?
Once another version of this booklet is released, which it will, the price will slightly change as the booklet will include more contents, notes and illustrations.
TryHackMe SOC L1 Path Walkthroughs
Checkout the playlist below on my YouTube channel for TryHackMe SOC L1 Path Walkthroughs.
