CompTIA CASP+: Monitoring & Incident Response

  • 15 Videos | 1h 28m 28s
  • Includes Assessment
  • Earns a Badge
Enterprise IT monitoring is crucial in detecting potential security incidents. In this course, you'll explore various monitoring methods for hosts, devices, and networks. Next, you'll learn to configure log forwarding and work with logs through PowerShell. Moving on, you'll learn to recognize when to use honeyfiles, honeypots, and honeynets, as well as SIEM and SOAR solutions. You’ll then examine intrusion detection and prevention and how they are used to secure a network. Lastly, you'll explore the use of tools such as Snort, tcpdump, nmap, and Wireshark for analyzing networks and network traffic. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.

WHAT YOU WILL LEARN

  • discover the key concepts covered in this course
  • identify the various levels of IT monitoring
  • enable syslog forwarding in Linux
  • manage Windows logs using the GUI
  • manage cloud-based logging
  • differentiate between honeynets, honeypots, and honeyfiles
  • describe how IDS and IPS are used to secure a network
  • install Snort IDS
  • test Snort IDS rules
  • recognize reasons for using SIEM and SOAR solutions
  • use tcpdump to capture network traffic
  • use Wireshark to filter captured network traffic
  • use nmap to discover hosts and network services
  • use packettotal.com to analyze packets
  • summarize the key concepts covered in this course

IN THIS COURSE

  1. Course Overview (1m 40s)
  2. Host, Device, and Network Monitoring (9m 28s)
  3. Enabling Linux Syslog Forwarding (6m 17s)
  4. Managing Windows Event Viewer Logs (5m 24s)
  5. Managing Cloud Logging and Alerts (7m 13s)
  6. Honeynets, Honeypots, and Honeyfiles (4m 54s)
  7. Intrusion Detection and Prevention (9m 25s)
  8. Installing the Snort IDS (5m 55s)
  9. Testing the Snort IDS (4m 14s)
  10. SIEM and SOAR (5m 34s)
  11. Network Traffic Capture Using tcpdump (5m 37s)
  12. Network Traffic Filtering Using Wireshark (7m 30s)
  13. Using nmap For Network Reconnaissance (6m 43s)
  14. Analyzing Packet Captures for Malicious Activity (7m 25s)
  15. Course Summary (1m 8s)

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.