If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you explore data type categories in context to network security analytics.
By the end of the course, you will be able to:
• Explain the data that is available to the network security analysis •Describe the various types of data used in monitoring network security
• Describe the deployment and use of SIEMs to collect, sort, process, prioritize, store, and report alarms
• Describe the functions of SOAR platforms and features of Cisco SecureX
If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you explore data type categories in context to network security analytics.
By the end of the course, you will be able to:
• Explain the data that is available to the network security analysis •Describe the various types of data used in monitoring network security
• Describe the deployment and use of SIEMs to collect, sort, process, prioritize, store, and report alarms
• Describe the functions of SOAR platforms and features of Cisco SecureX
•Describe the Security Onion Open Source security monitoring tool
• Explain how packet capture data is stored in the PCAP format and the storage requirements for full packet capture.
• Describe packet capture usage and benefits for investigating security incidents • Describe packet captures using tools such as Tcpdump
• Describe session data content and provide an example of session data
•Describe transaction data content and provide an example of transaction data z
• Describe alert data content and provide an example of alert data
•Describe other types of NSM data (extracted content, statistical data, and metadata)
•Explain the need to correlate NSM data and provide an example
•Describe the Information Security CIA triad
• Understand PII as it relates to information security
• Describe compliance regulations and their effects on an organization
• Describe intellectual property and the importance of protecting it
• Use various tool capabilities of the Security Onion Linux distribution
To be successful in this course, you should have the following background:
1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course
2. Familiarity with Ethernet and TCP/IP networking
3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.
OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.
Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.
Find this site helpful? Tell a friend about us.
We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.
Your purchases help us maintain our catalog and keep our servers humming without ads.
Thank you for supporting OpenCourser.