CompTIA CASP+: Monitoring & Incident Response

CompTIA CASP+    |    Intermediate
  • 15 videos | 1h 27m 43s
  • Includes Assessment
  • Earns a Badge
Likes 30 Likes 30
Enterprise IT monitoring is crucial in detecting potential security incidents. In this course, you'll explore various monitoring methods for hosts, devices, and networks. Next, you'll learn to configure log forwarding and work with logs through PowerShell. Moving on, you'll learn to recognize when to use honeyfiles, honeypots, and honeynets, as well as SIEM and SOAR solutions. You'll then examine intrusion detection and prevention and how they are used to secure a network. Lastly, you'll explore the use of tools such as Snort, tcpdump, nmap, and Wireshark for analyzing networks and network traffic. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.

WHAT YOU WILL LEARN

  • discover the key concepts covered in this course
    identify the various levels of IT monitoring
    enable syslog forwarding in Linux
    manage Windows logs using the GUI
    manage cloud-based logging
    differentiate between honeynets, honeypots, and honeyfiles
    describe how IDS and IPS are used to secure a network
    install Snort IDS
  • test Snort IDS rules
    recognize reasons for using SIEM and SOAR solutions
    use tcpdump to capture network traffic
    use Wireshark to filter captured network traffic
    use nmap to discover hosts and network services
    use packettotal.com to analyze packets
    summarize the key concepts covered in this course

IN THIS COURSE

  • 1m 37s
  • 9m 25s
  • Locked
    3.  Enabling Linux Syslog Forwarding
    6m 14s
  • Locked
    4.  Managing Windows Event Viewer Logs
    5m 21s
  • Locked
    5.  Managing Cloud Logging and Alerts
    7m 10s
  • Locked
    6.  Honeynets, Honeypots, and Honeyfiles
    4m 51s
  • Locked
    7.  Intrusion Detection and Prevention
    9m 22s
  • Locked
    8.  Installing the Snort IDS
    5m 52s
  • Locked
    9.  Testing the Snort IDS
    4m 11s
  • Locked
    10.  SIEM and SOAR
    5m 31s
  • Locked
    11.  Network Traffic Capture Using tcpdump
    5m 34s
  • Locked
    12.  Network Traffic Filtering Using Wireshark
    7m 27s
  • Locked
    13.  Using nmap For Network Reconnaissance
    6m 40s
  • Locked
    14.  Analyzing Packet Captures for Malicious Activity
    7m 22s
  • Locked
    15.  Course Summary
    1m 5s

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Course OWASP Top 10: Web Application Security
Likes 61 Likes 61  
Course Malware Analysis
Course Getting Started with Security Architecture
Likes 1 Likes 1  

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course Preemptive Troubleshooting: Concepts & Strategies
Likes 16 Likes 16  
Course CompTIA CASP+: Secure Cloud Computing
Likes 31 Likes 31  
Course CompTIA CASP+: Virtualization Security
Likes 34 Likes 34