SEC503: Network Monitoring and Threat Detection In-Depth

Rp4.000.000
  • Condition: New
  • Min. Order: 1 Unit
  • Storefront: SANS Institute
SEC503: Network Monitoring and Threat Detection In-Depth delivers the technical knowledge, insight, and hands-on training you need to confidently defend your network, whether traditional or cloud-based. You will learn about the underlying theory of TCP/IP and the most used application protocols so that you can intelligently examine network traffic to identify emerging threats, perform large-scale correlation for threat hunting, and reconstruct network attacks. 37 Hands-on Labs + Capstone Challenge.

You Will Learn.
- How to analyze traffic traversing your site to avoid becoming another headline
- How to identify zero-day threats for which no network monitoring tool has published signatures
- How to place, customize, and tune your network monitoring for maximum detection
- How to triage network alerts, especially during an incident
- How to reconstruct events to determine what happened, when, and who did it
- Hands-on detection, analysis, and network forensic investigation with a variety of tools
- TCP/IP and common application protocols to gain insight about your network traffic, enabling you to distinguish normal from abnormal traffic
- The benefits and problems inherent in using signature-based network monitoring tools
- The power of behavioral network monitoring tools for enterprise-wide automated correlation, and how to use them effectively
- How to perform effective threat modeling for network activities
- How to translate threat modeling into detection capabilities for zero-day threats
- How to use flow and hybrid traffic analysis frameworks to augment detection in traditional, hybrid, and cloud network environments

SEC503: Network Monitoring and Threat Detection In-Depth
Size: 94 GB
Contains: 665 Files, 35 Folders

You Will Be Able To.
- Configure and run Snort and Suricata
- Create and write effective and efficient Snort, Suricata and FirePOWER rules
- Configure and run open-source Zeek to provide a hybrid traffic analysis framework
- Create automated threat hunting correlation scripts in Zeek
- Understand TCP/IP component layers to identify normal and abnormal traffic for threat identification
- Use traffic analysis tools to identify signs of a compromise or active threat
- Perform network forensics to investigate traffic to identify TTPs and find active threats
- Carve out files and other types of content from network traffic to reconstruct events
- Create BPF filters to selectively examine a particular traffic trait at scale
- Craft packets with Scapy
- Use NetFlow/IPFIX tools to find network behavior anomalies and potential threats
- Use your knowledge of network architecture and hardware to customize placement of network monitoring sensors and sniff traffic off the wire

Course Syllabus.
SEC503.1: Network Monitoring and Analysis: Part I
SEC503.2: Network Monitoring and Analysis: Part II
SEC503.3: Signature-Based Threat Detection and Response
SEC503.4: Building Zero-Day Threat Detection Systems
SEC503.5: Large-Scale Threat Detection, Forensics, and Analytics
SEC503.6: Advanced Network Monitoring and Threat Detection Capstone

FOR EDUCATIONAL PURPOSES ONLY!

BUYER REVIEWS

5.0/5.0

100% of buyers are satisfied

1 rating • 1 review