Network & Host Analysis: Network Operations
Networking | Intermediate
- 14 Videos | 59m 59s
- Includes Assessment
- Earns a Badge
Securely operating a network requires tools to monitor, detect, and prevent breaches. Knowing what goes on and how to stop malicious traffic involves the use of Network Security Monitoring (NSM), security information and event management (SIEM), and intrusion detection and prevention systems (IDS/IPS). In this course, you'll explore these tools and implement Suricata and Kibana as NSM, IDS, IPS, and SIEM solutions. Furthermore, you'll compare and contrast network defense tools. You'll examine NSM and SIEM's purpose and characteristics and outline how to implement and benefit from these techniques. Next, you'll install Suricata and Kibana, and use their features for rule creation, alerts, logging, scripting, and integration. Finally, you'll integrate Suricata and Wireshark to leverage both tools' capabilities so that you can operate your network securely.
WHAT YOU WILL LEARN
- discover the key concepts covered in this course
- compare and contrast various network defense tools
- recognize the characteristics of NSM and outline how to implement it as part of a network defense strategy
- describe how SIEMs are used to detect threat activity
- install and configure Suricata to be used for network defensive operations, including NSM, IDS, and IPS
- apply a Suricata rule and illustrate the action, header, and rule options
- create an alert using a Suricata rule
- configure Suricata output in JSON using the EVE output facility
- install prerequisites for ELK Stack and Suricata from the command line
- install ELK Stack in preparation for it to serve as a SIEM for Suricata
- integrate Suricata logs with ELK Stack using Filebeat and Logstash
- navigate ELK Stack's Kibana dashboards for SIEM use when connected to Suricata
- output a PCAP log from Suricata to be read by Wireshark
- summarize the key concepts covered in this course
IN THIS COURSE
- 1. Course Overview (1m 35s)
- 2. Network Defense Tools (4m 46s)
- 3. Implementing NSM (3m 30s)
- 4. SIEM for Threat Activity (4m 22s)
- 5. Installing Suricata (3m 35s)
- 6. Applying Suricata Rules (6m 25s)
- 7. Creating Suricata Alerts (6m 3s)
- 8. Generating Suricata Logs (5m 23s)
- 9. Installing ELK Stack Prerequisites (3m 52s)
- 10. Installing ELK Stack (4m 31s)
- 11. Integrating Suricata and ELK Stack (4m 38s)
- 12. Navigating Kibana for SIEM (6m 28s)
- 13. Integrating Suricata and Wireshark (3m 32s)
- 14. Course Summary (1m 19s)
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.