Network & Host Analysis: Network Operations

Networking | Intermediate

14 Videos | 59m 59s
Includes Assessment
Earns a Badge

Securely operating a network requires tools to monitor, detect, and prevent breaches. Knowing what goes on and how to stop malicious traffic involves the use of Network Security Monitoring (NSM), security information and event management (SIEM), and intrusion detection and prevention systems (IDS/IPS). In this course, you'll explore these tools and implement Suricata and Kibana as NSM, IDS, IPS, and SIEM solutions. Furthermore, you'll compare and contrast network defense tools. You'll examine NSM and SIEM's purpose and characteristics and outline how to implement and benefit from these techniques. Next, you'll install Suricata and Kibana, and use their features for rule creation, alerts, logging, scripting, and integration. Finally, you'll integrate Suricata and Wireshark to leverage both tools' capabilities so that you can operate your network securely.

WHAT YOU WILL LEARN

discover the key concepts covered in this course

compare and contrast various network defense tools

recognize the characteristics of NSM and outline how to implement it as part of a network defense strategy

describe how SIEMs are used to detect threat activity

install and configure Suricata to be used for network defensive operations, including NSM, IDS, and IPS

apply a Suricata rule and illustrate the action, header, and rule options

create an alert using a Suricata rule
configure Suricata output in JSON using the EVE output facility

install prerequisites for ELK Stack and Suricata from the command line

install ELK stack in preparation for it to serve as a SIEM for Suricata

integrate Suricata logs with ELK Stack using Filebeat and Logstash

navigate ELK Stack's Kibana dashboards for SIEM use when connected to Suricata

output a PCAP log from Suricata to be read by Wireshark

summarize the key concepts covered in this course

IN THIS COURSE

1.

Course Overview

1m 35s

UP NEXT
2.

Network Defense Tools

4m 46s
3.

Implementing NSM

3m 30s

FREE ACCESS
4.

SIEM for Threat Activity

4m 22s

FREE ACCESS
5.

Installing Suricata

3m 35s

FREE ACCESS
6.

Applying Suricata Rules

6m 25s

FREE ACCESS
7.

Creating Suricata Alerts

6m 3s

FREE ACCESS
8.

Generating Suricata Logs

5m 23s

FREE ACCESS
9.

Installing ELK Stack Prerequisites

3m 52s

FREE ACCESS
10.

Installing ELK Stack

4m 31s

FREE ACCESS
11.

Integrating Suricata and ELK Stack

4m 38s

FREE ACCESS
12.

Navigating Kibana for SIEM

6m 28s

FREE ACCESS
13.

Integrating Suricata and Wireshark

3m 32s

FREE ACCESS
14.

Course Summary

1m 19s

FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.

COURSE SSCP 2021: Network Attacks & Countermeasures

COURSE CompTIA Server+: Network Firewalls

COURSE CEH v11: Nmap IP Scans

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Content items for Compliance and Leadership are not included in this subscription.

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

Network & Host Analysis: Network Operations

WHAT YOU WILL LEARN

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

YOU MIGHT ALSO LIKE