Network & Host Analysis: Network Operations

Networking    |    Intermediate
  • 14 Videos | 59m 59s
  • Includes Assessment
  • Earns a Badge
Likes 24 Likes 24
Securely operating a network requires tools to monitor, detect, and prevent breaches. Knowing what goes on and how to stop malicious traffic involves the use of Network Security Monitoring (NSM), security information and event management (SIEM), and intrusion detection and prevention systems (IDS/IPS). In this course, you'll explore these tools and implement Suricata and Kibana as NSM, IDS, IPS, and SIEM solutions. Furthermore, you'll compare and contrast network defense tools. You'll examine NSM and SIEM's purpose and characteristics and outline how to implement and benefit from these techniques. Next, you'll install Suricata and Kibana, and use their features for rule creation, alerts, logging, scripting, and integration. Finally, you'll integrate Suricata and Wireshark to leverage both tools' capabilities so that you can operate your network securely.

WHAT YOU WILL LEARN

  • discover the key concepts covered in this course
    compare and contrast various network defense tools
    recognize the characteristics of NSM and outline how to implement it as part of a network defense strategy
    describe how SIEMs are used to detect threat activity
    install and configure Suricata to be used for network defensive operations, including NSM, IDS, and IPS
    apply a Suricata rule and illustrate the action, header, and rule options
    create an alert using a Suricata rule
  • configure Suricata output in JSON using the EVE output facility
    install prerequisites for ELK Stack and Suricata from the command line
    install ELK stack in preparation for it to serve as a SIEM for Suricata
    integrate Suricata logs with ELK Stack using Filebeat and Logstash
    navigate ELK Stack's Kibana dashboards for SIEM use when connected to Suricata
    output a PCAP log from Suricata to be read by Wireshark
    summarize the key concepts covered in this course

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

COURSE CompTIA Server+: Network Firewalls
Likes 1 Likes 1  
COURSE CEH v11: Nmap IP Scans
COURSE Exploring SecOps Tools: Network Scanning Using Nmap

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

COURSE Network Survey & Extraction: Network Monitoring
Likes 8 Likes 8  
COURSE Network & Host Analysis: Network Protocols
Likes 7 Likes 7  
COURSE Network Topologies & Technologies
Likes 254 Likes 254