Network & Host Analysis: Network Operations
Networking
| Intermediate
- 14 Videos | 1h 5m 59s
- Includes Assessment
- Earns a Badge
Securely operating a network requires tools to monitor, detect, and prevent breaches. Knowing what goes on and how to stop malicious traffic involves the use of Network Security Monitoring (NSM), security information and event management (SIEM), and intrusion detection and prevention systems (IDS/IPS). In this course, you'll explore these tools and implement Suricata and Kibana as NSM, IDS, IPS, and SIEM solutions. Furthermore, you'll compare and contrast network defense tools. You'll examine NSM and SIEM's purpose and characteristics and outline how to implement and benefit from these techniques. Next, you'll install Suricata and Kibana, and use their features for rule creation, alerts, logging, scripting, and integration. Finally, you'll integrate Suricata and Wireshark to leverage both tools' capabilities so that you can operate your network securely.
WHAT YOU WILL LEARN
-
discover the key concepts covered in this course
compare and contrast various network defense tools
recognize the characteristics of NSM and outline how to implement it as part of a network defense strategy
describe how SIEMs are used to detect threat activity
install and configure Suricata to be used for network defensive operations, including NSM, IDS, and IPS
apply a Suricata rule and illustrate the action, header, and rule options
create an alert using a Suricata rule -
configure Suricata output in JSON using the EVE output facility
install prerequisites for ELK Stack and Suricata from the command line
install ELK stack in preparation for it to serve as a SIEM for Suricata
integrate Suricata logs with ELK Stack using Filebeat and Logstash
navigate ELK Stack's Kibana dashboards for SIEM use when connected to Suricata
output a PCAP log from Suricata to be read by Wireshark
summarize the key concepts covered in this course
IN THIS COURSE
-
1.Course Overview1m 35sUP NEXT
-
2.Network Defense Tools4m 46s
-
3.Implementing NSM3m 30s
-
4.SIEM for Threat Activity4m 22s
-
5.Installing Suricata3m 35s
-
6.Applying Suricata Rules6m 25s
-
7.Creating Suricata Alerts6m 3s
-
8.Generating Suricata Logs5m 23s
-
9.Installing ELK Stack Prerequisites3m 52s
-
10.Installing ELK Stack4m 31s
-
11.Integrating Suricata and ELK Stack4m 38s
-
12.Navigating Kibana for SIEM6m 28s
-
13.Integrating Suricata and Wireshark3m 32s
-
14.Course Summary1m 19s
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform
Digital badges are yours to keep, forever.
