Network & Host Analysis: Network Operations

Networking | Intermediate

14 videos | 59m 59s
Includes Assessment
Earns a Badge

Securely operating a network requires tools to monitor, detect, and prevent breaches. Knowing what goes on and how to stop malicious traffic involves the use of Network Security Monitoring (NSM), security information and event management (SIEM), and intrusion detection and prevention systems (IDS/IPS). In this course, you'll explore these tools and implement Suricata and Kibana as NSM, IDS, IPS, and SIEM solutions. Furthermore, you'll compare and contrast network defense tools. You'll examine NSM and SIEM's purpose and characteristics and outline how to implement and benefit from these techniques. Next, you'll install Suricata and Kibana, and use their features for rule creation, alerts, logging, scripting, and integration. Finally, you'll integrate Suricata and Wireshark to leverage both tools' capabilities so that you can operate your network securely.

WHAT YOU WILL LEARN

discover the key concepts covered in this course

compare and contrast various network defense tools

recognize the characteristics of NSM and outline how to implement it as part of a network defense strategy

describe how SIEMs are used to detect threat activity

install and configure Suricata to be used for network defensive operations, including NSM, IDS, and IPS

apply a Suricata rule and illustrate the action, header, and rule options

create an alert using a Suricata rule
configure Suricata output in JSON using the EVE output facility

install prerequisites for ELK Stack and Suricata from the command line

install ELK stack in preparation for it to serve as a SIEM for Suricata

integrate Suricata logs with ELK Stack using Filebeat and Logstash

navigate ELK Stack's Kibana dashboards for SIEM use when connected to Suricata

output a PCAP log from Suricata to be read by Wireshark

summarize the key concepts covered in this course

IN THIS COURSE

1m 35s

FREE ACCESS
4m 46s

In this video, you will compare and contrast various network defense tools. FREE ACCESS
3. Implementing NSM

3m 30s

After completing this video, you will be able to recognize the characteristics of NSM and outline how to implement it as part of a network defense strategy. FREE ACCESS
4. SIEM for Threat Activity

4m 22s

Upon completion of this video, you will be able to describe how SIEMs are used to detect and respond to threat activity. FREE ACCESS
5. Installing Suricata

3m 35s

Learn how to install and configure Suricata to be used for network defensive operations, including network security monitoring (NSM), intrusion detection (IDS), and intrusion prevention (IPS). FREE ACCESS
6. Applying Suricata Rules

6m 25s

In this video, you will apply a Suricata rule and illustrate the action, header, and rule options. FREE ACCESS
7. Creating Suricata Alerts

6m 3s

Learn how to create an alert using a Suricata rule. FREE ACCESS
8. Generating Suricata Logs

5m 23s

In this video, you will configure Suricata output in JSON using the EVE output facility. FREE ACCESS
9. Installing ELK Stack Prerequisites

3m 52s

Find out how to install prerequisites for ELK Stack and Suricata from the command line. FREE ACCESS
10. Installing ELK Stack

4m 31s

In this video, you will install the ELK stack in preparation for it to serve as a SIEM for Suricata. FREE ACCESS
11. Integrating Suricata and ELK Stack

4m 38s

During this video, you will learn how to integrate Suricata logs with the ELK Stack using Filebeat and Logstash. FREE ACCESS
12. Navigating Kibana for SIEM

6m 28s

In this video, you will learn how to navigate ELK Stack's Kibana dashboards for SIEM use when connected to Suricata. FREE ACCESS
13. Integrating Suricata and Wireshark

3m 32s

In this video, learn how to output a PCAP log from Suricata so that it can be read by Wireshark. FREE ACCESS
14. Course Summary

1m 19s

FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

Course CBROPS: Firewall, Filtering, Visibility, & Control Data

Course CompTIA Security+: Analyzing Application & Network Attacks

Course CompTIA Server+: Network Firewalls

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course Network Survey & Extraction: Network Analysis

Course CyberOps Windows Hardening: Windows Server Hardening Best Practices

Course Network & Host Analysis: Protocol Analysis

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Not included: Compliance, Leadership Development Program content, and Engineering books

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

IT Skills & Salary Report

ESG Impact Report

Network & Host Analysis: Network Operations

WHAT YOU WILL LEARN

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

YOU MIGHT ALSO LIKE

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE