Security Event Triage: Detecting Network Anomalies with Behavioral Analysis from Pluralsight

In this course on network behavioral analysis, you will explore the use of frequency, protocol, and population analysis methodologies to uncover events associated with multiple threat actors intrusions into a simulated enterprise network.

Developing the skills necessary for a security analyst to properly detect and triage advanced network intrusion tactics and techniques requires experience and the use of advanced detection capabilities. Neither of which are easily obtained. In this course, Security Event Triage: Detecting Network Anomalies with Behavioral Analysis, you will learn foundational knowledge required to separate good network traffic from bad and identify a myriad threat actor activity on an enterprise network. First, you will learn how to use frequency analysis to detect command and control, automated logins, and beaconing. Next, you will learn to leverage protocol analysis to identify DNS tunneling, anomalous HTTPS traffic, authentication brute forcing, and DHCP abuse. Finally, you will explore the use of population analysis by harnessing machine learning to identify HTTPS exfiltration and connect the dots associated with enterprise network intrusions. When you are finished with this course, you will have the skills and knowledge of network behavioral analysis needed to detect and triage events found at multiple levels of the cyber kill chain. Create your own network behavioral analysis workstation to follow along using your own environments data using the guide located here: https://github.com/arosenmund/pluralsight/tree/master/NBAD.

This course is part of our Security Event Triage series which leverages MITRE ATT&CK to identify advance persistent threat tactics at all levels of the cyber kill chain.

What's inside

Syllabus

Course Overview

Introduction to Network Behavioral Analysis

Frequency Analysis

Protocol Analysis

Population Analysis

Detecting the Anomalies

Good to know

Know what's good

, what to watch for

, and possible dealbreakers

Appropriate for seasoned cybersecurity analysts ready for advanced training in network intrusion analysis

Taught by an instructor recognized for their work in the field of network security

Develops foundational knowledge required to separate good network traffic from bad and identify a myriad threat actor activity on an enterprise network

Uses industry-standard analysis methodologies, including frequency, protocol, and population analysis

Provides hands-on experience through the use of a simulated enterprise network

Forms part of a series on Security Event Triage, providing a comprehensive understanding of advanced persistent threat tactics

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Security Event Triage: Detecting Network Anomalies with Behavioral Analysis with these activities:

Network Security Essentials

Show steps

Reinforce foundational knowledge in network security principles and technologies.

View Operating Systems on Amazon

Show steps

Read chapters covering topics such as cryptography, firewalls, and intrusion detection systems.
Complete end-of-chapter exercises to test understanding.

Connect with Network Security Professionals

Show steps

Seek guidance from experienced professionals to enhance learning.

Show steps

Attend industry events or join online communities to network with security experts.
Reach out to professionals on LinkedIn or other platforms for mentorship opportunities.

Review Network Security Concepts

Show steps

Solidify your understanding of basic concepts underlying network infrastructure.

Browse courses on Network Security Fundamentals

Show steps

Follow online tutorials on network topologies, protocols, and security principles.
Practice configuring basic network devices, such as routers and switches.

Four other activities

Expand to see all activities and additional details

Show all seven activities

Threat Intelligence Repository

Show steps

Stay up-to-date with emerging threats and best practices.

Browse courses on Threat Intelligence

Show steps

Gather and organize information on the latest security threats, vulnerabilities, and mitigation techniques.
Use a tool or platform to create a centralized repository for easy access and sharing.

Domain Name System (DNS) Analysis Exercises

Show steps

Master DNS fundamentals to detect anomalies and security threats.

Show steps

Analyze DNS records and identify potential malicious activity, such as phishing or malware distribution.
Use tools to query and monitor DNS traffic for suspicious patterns.

Security Incident Response Workshop

Show steps

Gain practical experience in responding to and mitigating security incidents.

Browse courses on Incident Response

Show steps

Participate in a hands-on workshop simulating a security breach.
Work in teams to analyze incident data, contain the breach, and restore system integrity.

Network Behavioral Analysis Report

Show steps

Demonstrate your ability to apply techniques learned to identify security threats.

Show steps

Collect data from a simulated network environment using tools introduced in the course.
Analyze network traffic and identify anomalies using frequency, protocol, and population analysis methods.
Create a comprehensive report that outlines your findings and recommendations for mitigating security risks.

Career center

Learners who complete Security Event Triage: Detecting Network Anomalies with Behavioral Analysis will develop knowledge and skills that may be useful to these careers:

Cybersecurity Researcher

Cybersecurity Researchers use their skills in cybersecurity to research and develop new methods for detecting and preventing cybersecurity threats. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.

See salaries and explore the career path for Cybersecurity Researcher

Machine Learning Engineer

Machine Learning Engineers use their skills in machine learning to develop and implement machine learning models. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques by harnessing machine learning to identify patterns in network traffic

See salaries and explore the career path for Machine Learning Engineer

Incident Responder

Incident Responders are responsible for responding to and mitigating security incidents. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.

See salaries and explore the career path for Incident Responder

Artificial Intelligence Engineer

Artificial Intelligence Engineers use their skills in artificial intelligence to develop and implement artificial intelligence models. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques by harnessing machine learning to identify patterns in network traffic

See salaries and explore the career path for Artificial Intelligence Engineer

Penetration Tester

Penetration Testers use their skills to identify vulnerabilities in an organization's network security infrastructure. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.

See salaries and explore the career path for Penetration Tester

Data Scientist

Data Scientists use their skills in data analysis to uncover insights from data. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques by harnessing machine learning to identify patterns in network traffic

See salaries and explore the career path for Data Scientist

Network Security Engineer

Network Security Engineers design, implement, and maintain an organization's network security infrastructure. The course on network behavioral analysis may be helpful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.

See salaries and explore the career path for Network Security Engineer

Security Architect

Security Architects design and implement an organization's security infrastructure. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.

See salaries and explore the career path for Security Architect

Cybersecurity Engineer

Cybersecurity Engineers design, implement, and maintain an organization's cybersecurity infrastructure. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.

See salaries and explore the career path for Cybersecurity Engineer

Threat Intelligence Analyst

Threat Intelligence Analysts use their knowledge of threat intelligence to keep an organization up-to-date on the latest security threats. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.

See salaries and explore the career path for Threat Intelligence Analyst

Computer Forensic Analyst

Computer Forensic Analysts use their skills to investigate and analyze computer systems to uncover evidence of computer crime. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.

See salaries and explore the career path for Computer Forensic Analyst

Network Administrator

Network Administrators are responsible for managing and maintaining an organization's network infrastructure. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.

See salaries and explore the career path for Network Administrator

Security Consultant

Security Consultants provide advice and guidance to organizations on how to improve their security posture. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.

See salaries and explore the career path for Security Consultant

Security Analyst

Security Analysts use their in-depth knowledge of computer and network security to keep an organization's critical data safe from unauthorized access. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.

See salaries and explore the career path for Security Analyst

Information Security Analyst

Information Security Analysts use their knowledge of computer and network security to protect an organization's data from unauthorized access or theft. The course on network behavioral analysis may be useful to those looking to enter this field, as it provides a foundation in detecting and triaging advanced network intrusion tactics and techniques.

See salaries and explore the career path for Information Security Analyst