CompTIA Cybersecurity Analyst+: Security & Network Monitoring
Cybersecurity
| Intermediate
- 12 videos | 1h 36s
- Includes Assessment
- Earns a Badge
SIEM solutions serve as centralized data ingestion and analysis engines that seek out potential security issues. Security incident response can be partially or fully automated using SOAR solutions. In this course, discover the benefits of security information and event management (SIEM) and security orchestration, automation, and response (SOAR) security incident monitoring and response solutions. Next, explore threat positives and negatives, followed by deploying the Splunk SIEM on Linux. Finally, learn how to configure a Splunk universal forwarder and use various tools to capture and analyze network traffic. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
WHAT YOU WILL LEARN
-
Discover the key concepts covered in this course
Recall how a siem solution serves as a central ingestion point for security analysis in a security operations center (soc)
Identify how a soar solution serves as a method of automating security incident remediation
Outline true positives and negatives as well as false positives and negatives
Deploy splunk on linux
Configure linux log forwarding to splunk -
Query splunk indexes
Use tcpdump to capture network traffic
Use wireshark to capture network traffic
Analyze an ics network traffic capture
Recognize the role that ai and ml play in threat hunting
Summarize the key concepts covered in this course
IN THIS COURSE
-
1m 4sIn this video, we will discover the key concepts covered in this course. FREE ACCESS
-
5m 41sDuring this video, you will learn how to recall how a SIEM solution serves as a central ingestion point for security analysis in a security operations center (SOC). FREE ACCESS
-
3. Security Orchestration, Automation, and Response (SOAR)7m 36sUpon completion of this video, you will be able to identify how a SOAR solution serves as a method of automating security incident remediation. FREE ACCESS
-
4. Threat Positives and Negatives4m 9sIn this video, we will outline true positives and negatives as well as false positives and negatives. FREE ACCESS
-
5. Deploying the Splunk SIEM6m 25sDuring this video, discover how to deploy Splunk on Linux. FREE ACCESS
-
6. Configuring a Splunk Universal Forwarder6m 42sIn this video, find out how to configure Linux log forwarding to Splunk. FREE ACCESS
-
7. Using Splunk for Security Event Correlation5m 39sDuring this video, you will learn how to query Splunk indexes. FREE ACCESS
-
8. Capturing Network Traffic Using tcpdump5m 35sDiscover how to use tcpdump to capture network traffic. FREE ACCESS
-
9. Capturing Network Traffic Using Wireshark6m 12sIn this video, learn how to use Wireshark to capture network traffic. FREE ACCESS
-
10. Analyzing Industrial Control System (ICS) Network Traffic6m 27sFind out how to analyze an ICS network traffic capture. FREE ACCESS
-
11. Artificial Intelligence (AI) and Machine Learning (ML) in Threat Hunting4m 24sAfter completing this video, you will be able to recognize the role that AI and ML play in threat hunting. FREE ACCESS
-
12. Course Summary42sIn this video, we will summarize the key concepts covered in this course. FREE ACCESS
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.
