We may earn an affiliate commission when you visit our partners.
Aaron Rosenmund

In this course on network behavioral analysis, you will explore the use of frequency, protocol, and population analysis methodologies to uncover events associated with multiple threat actors intrusions into a simulated enterprise network.

Read more

In this course on network behavioral analysis, you will explore the use of frequency, protocol, and population analysis methodologies to uncover events associated with multiple threat actors intrusions into a simulated enterprise network.

Developing the skills necessary for a security analyst to properly detect and triage advanced network intrusion tactics and techniques requires experience and the use of advanced detection capabilities. Neither of which are easily obtained. In this course, Security Event Triage: Detecting Network Anomalies with Behavioral Analysis, you will learn foundational knowledge required to separate good network traffic from bad and identify a myriad threat actor activity on an enterprise network. First, you will learn how to use frequency analysis to detect command and control, automated logins, and beaconing. Next, you will learn to leverage protocol analysis to identify DNS tunneling, anomalous HTTPS traffic, authentication brute forcing, and DHCP abuse. Finally, you will explore the use of population analysis by harnessing machine learning to identify HTTPS exfiltration and connect the dots associated with enterprise network intrusions. When you are finished with this course, you will have the skills and knowledge of network behavioral analysis needed to detect and triage events found at multiple levels of the cyber kill chain. Create your own network behavioral analysis workstation to follow along using your own environments data using the guide located here: https://github.com/arosenmund/pluralsight/tree/master/NBAD.

This course is part of our Security Event Triage series which leverages MITRE ATT&CK to identify advance persistent threat tactics at all levels of the cyber kill chain.

Enroll now

What's inside

Syllabus

Course Overview
Introduction to Network Behavioral Analysis
Frequency Analysis
Protocol Analysis
Read more
Population Analysis
Detecting the Anomalies

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Appropriate for seasoned cybersecurity analysts ready for advanced training in network intrusion analysis
Taught by an instructor recognized for their work in the field of network security
Develops foundational knowledge required to separate good network traffic from bad and identify a myriad threat actor activity on an enterprise network
Uses industry-standard analysis methodologies, including frequency, protocol, and population analysis
Provides hands-on experience through the use of a simulated enterprise network
Forms part of a series on Security Event Triage, providing a comprehensive understanding of advanced persistent threat tactics

Save this course

Save Security Event Triage: Detecting Network Anomalies with Behavioral Analysis to your list so you can find it easily later:
Save

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Security Event Triage: Detecting Network Anomalies with Behavioral Analysis with these activities:
Network Security Essentials
Reinforce foundational knowledge in network security principles and technologies.
View Operating Systems on Amazon
Show steps
  • Read chapters covering topics such as cryptography, firewalls, and intrusion detection systems.
  • Complete end-of-chapter exercises to test understanding.
Connect with Network Security Professionals
Seek guidance from experienced professionals to enhance learning.
Show steps
  • Attend industry events or join online communities to network with security experts.
  • Reach out to professionals on LinkedIn or other platforms for mentorship opportunities.
Review Network Security Concepts
Solidify your understanding of basic concepts underlying network infrastructure.
Show steps
  • Follow online tutorials on network topologies, protocols, and security principles.
  • Practice configuring basic network devices, such as routers and switches.
Four other activities
Expand to see all activities and additional details
Show all seven activities
Threat Intelligence Repository
Stay up-to-date with emerging threats and best practices.
Browse courses on Threat Intelligence
Show steps
  • Gather and organize information on the latest security threats, vulnerabilities, and mitigation techniques.
  • Use a tool or platform to create a centralized repository for easy access and sharing.
Domain Name System (DNS) Analysis Exercises
Master DNS fundamentals to detect anomalies and security threats.
Show steps
  • Analyze DNS records and identify potential malicious activity, such as phishing or malware distribution.
  • Use tools to query and monitor DNS traffic for suspicious patterns.
Security Incident Response Workshop
Gain practical experience in responding to and mitigating security incidents.
Browse courses on Incident Response
Show steps
  • Participate in a hands-on workshop simulating a security breach.
  • Work in teams to analyze incident data, contain the breach, and restore system integrity.
Network Behavioral Analysis Report
Demonstrate your ability to apply techniques learned to identify security threats.
Show steps
  • Collect data from a simulated network environment using tools introduced in the course.
  • Analyze network traffic and identify anomalies using frequency, protocol, and population analysis methods.
  • Create a comprehensive report that outlines your findings and recommendations for mitigating security risks.

Career center

Learners who complete Security Event Triage: Detecting Network Anomalies with Behavioral Analysis will develop knowledge and skills that may be useful to these careers:
Cybersecurity Researcher
Cybersecurity Researchers use their skills in cybersecurity to research and develop new methods for detecting and preventing cybersecurity threats. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.
Machine Learning Engineer
Machine Learning Engineers use their skills in machine learning to develop and implement machine learning models. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques by harnessing machine learning to identify patterns in network traffic
Incident Responder
Incident Responders are responsible for responding to and mitigating security incidents. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.
Artificial Intelligence Engineer
Artificial Intelligence Engineers use their skills in artificial intelligence to develop and implement artificial intelligence models. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques by harnessing machine learning to identify patterns in network traffic
Penetration Tester
Penetration Testers use their skills to identify vulnerabilities in an organization's network security infrastructure. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.
Data Scientist
Data Scientists use their skills in data analysis to uncover insights from data. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques by harnessing machine learning to identify patterns in network traffic
Network Security Engineer
Network Security Engineers design, implement, and maintain an organization's network security infrastructure. The course on network behavioral analysis may be helpful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.
Security Architect
Security Architects design and implement an organization's security infrastructure. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.
Cybersecurity Engineer
Cybersecurity Engineers design, implement, and maintain an organization's cybersecurity infrastructure. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.
Threat Intelligence Analyst
Threat Intelligence Analysts use their knowledge of threat intelligence to keep an organization up-to-date on the latest security threats. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.
Computer Forensic Analyst
Computer Forensic Analysts use their skills to investigate and analyze computer systems to uncover evidence of computer crime. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.
Network Administrator
Network Administrators are responsible for managing and maintaining an organization's network infrastructure. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.
Security Consultant
Security Consultants provide advice and guidance to organizations on how to improve their security posture. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.
Security Analyst
Security Analysts use their in-depth knowledge of computer and network security to keep an organization's critical data safe from unauthorized access. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.
Information Security Analyst
Information Security Analysts use their knowledge of computer and network security to protect an organization's data from unauthorized access or theft. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.

Reading list

We've selected nine books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Security Event Triage: Detecting Network Anomalies with Behavioral Analysis.
Provides a comprehensive overview of malware analysis techniques, from static analysis to dynamic analysis and reverse engineering. It also includes case studies of real-world malware samples.
Provides a practical, hands-on approach to computer security. It covers topics such as risk assessment, security policies, firewalls, intrusion detection systems, and security monitoring.
Classic account of how a young system administrator tracked down a hacker who was spying on the U.S. military. It provides a fascinating look at the world of computer security and espionage.
Memoir by Kevin Mitnick, one of the most famous hackers in history. It provides a firsthand account of his life of crime and his eventual redemption.
Provides a fascinating look at the art of deception and how it can be used to compromise computer security. It covers topics such as social engineering, phishing, and identity theft.
Provides a practical, hands-on approach to network security monitoring. It covers topics such as IDS deployment, event analysis, and incident response.
Provides a comprehensive overview of computer network security essentials. It covers topics such as security threats, security mechanisms, and security management.
Provides a beginner-friendly introduction to network security. It covers topics such as network security threats, security controls, and security best practices.
Provides a comprehensive overview of network security assessment. It covers topics such as vulnerability assessment, penetration testing, and security audits.

Share

Help others find this course page by sharing it with your friends and followers:

Similar courses

Here are nine courses similar to Security Event Triage: Detecting Network Anomalies with Behavioral Analysis.
Threat Intelligence with MSTICPy
Most relevant
Network Analysis with Arkime
Most relevant
Network Analysis with Real Intelligence Threat Analytics...
Most relevant
Security Event Triage: Analyzing Live System Process and...
Most relevant
Utilizing Zeek 4 in an Enterprise Environment or for...
Most relevant
Security Event Triage: Revealing Attacker Methodology in...
Most relevant
Security Event Triage: Operationalizing Security Analysis
Most relevant
Microsoft 365 Security Management Fundamentals
Most relevant
Network Analysis with OPNsense
Most relevant
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2024 OpenCourser