Network & Host Analysis: Network Operations

Networking    |    Intermediate
  • 14 videos | 59m 59s
  • Includes Assessment
  • Earns a Badge
Rating 4.3 of 25 users Rating 4.3 of 25 users (25)
Securely operating a network requires tools to monitor, detect, and prevent breaches. Knowing what goes on and how to stop malicious traffic involves the use of Network Security Monitoring (NSM), security information and event management (SIEM), and intrusion detection and prevention systems (IDS/IPS). In this course, you'll explore these tools and implement Suricata and Kibana as NSM, IDS, IPS, and SIEM solutions. Furthermore, you'll compare and contrast network defense tools. You'll examine NSM and SIEM's purpose and characteristics and outline how to implement and benefit from these techniques. Next, you'll install Suricata and Kibana, and use their features for rule creation, alerts, logging, scripting, and integration. Finally, you'll integrate Suricata and Wireshark to leverage both tools' capabilities so that you can operate your network securely.

WHAT YOU WILL LEARN

  • Discover the key concepts covered in this course
    Compare and contrast various network defense tools
    Recognize the characteristics of nsm and outline how to implement it as part of a network defense strategy
    Describe how siems are used to detect threat activity
    Install and configure suricata to be used for network defensive operations, including nsm, ids, and ips
    Apply a suricata rule and illustrate the action, header, and rule options
    Create an alert using a suricata rule
  • Configure suricata output in json using the eve output facility
    Install prerequisites for elk stack and suricata from the command line
    Install elk stack in preparation for it to serve as a siem for suricata
    Integrate suricata logs with elk stack using filebeat and logstash
    Navigate elk stack's kibana dashboards for siem use when connected to suricata
    Output a pcap log from suricata to be read by wireshark
    Summarize the key concepts covered in this course

IN THIS COURSE

  • 1m 35s
  • 4m 46s
    In this video, you will compare and contrast various network defense tools. FREE ACCESS
  • Locked
    3.  Implementing NSM
    3m 30s
    After completing this video, you will be able to recognize the characteristics of NSM and outline how to implement it as part of a network defense strategy. FREE ACCESS
  • Locked
    4.  SIEM for Threat Activity
    4m 22s
    Upon completion of this video, you will be able to describe how SIEMs are used to detect and respond to threat activity. FREE ACCESS
  • Locked
    5.  Installing Suricata
    3m 35s
    Learn how to install and configure Suricata to be used for network defensive operations, including network security monitoring (NSM), intrusion detection (IDS), and intrusion prevention (IPS). FREE ACCESS
  • Locked
    6.  Applying Suricata Rules
    6m 25s
    In this video, you will apply a Suricata rule and illustrate the action, header, and rule options. FREE ACCESS
  • Locked
    7.  Creating Suricata Alerts
    6m 3s
    Learn how to create an alert using a Suricata rule. FREE ACCESS
  • Locked
    8.  Generating Suricata Logs
    5m 23s
    In this video, you will configure Suricata output in JSON using the EVE output facility. FREE ACCESS
  • Locked
    9.  Installing ELK Stack Prerequisites
    3m 52s
    Find out how to install prerequisites for ELK Stack and Suricata from the command line. FREE ACCESS
  • Locked
    10.  Installing ELK Stack
    4m 31s
    In this video, you will install the ELK stack in preparation for it to serve as a SIEM for Suricata. FREE ACCESS
  • Locked
    11.  Integrating Suricata and ELK Stack
    4m 38s
    During this video, you will learn how to integrate Suricata logs with the ELK Stack using Filebeat and Logstash. FREE ACCESS
  • Locked
    12.  Navigating Kibana for SIEM
    6m 28s
    In this video, you will learn how to navigate ELK Stack's Kibana dashboards for SIEM use when connected to Suricata. FREE ACCESS
  • Locked
    13.  Integrating Suricata and Wireshark
    3m 32s
    In this video, learn how to output a PCAP log from Suricata so that it can be read by Wireshark. FREE ACCESS
  • Locked
    14.  Course Summary
    1m 19s

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Rating 4.7 of 90 users Rating 4.7 of 90 users (90)
Rating 4.4 of 38 users Rating 4.4 of 38 users (38)
Rating 4.5 of 33 users Rating 4.5 of 33 users (33)

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Rating 4.8 of 26 users Rating 4.8 of 26 users (26)
Rating 4.6 of 26 users Rating 4.6 of 26 users (26)
Rating 4.5 of 229 users Rating 4.5 of 229 users (229)