YoVDO

Security Onion

Offered By: Cybrary

Tags

Security Onion Courses, Network Security Courses, Linux Courses

Course Description

Overview

Overall, this course will allow you to learn how to maintain and update Security Onion.

Students should have networking knowledge (TCP/IP, protocols, packets, etc.), Linux knowledge (mkdir, ls, vi, ifconfig, etc.), and security technology knowledge (IDS, full packet capture, etc.).


Syllabus

  • Module 1: Introduction
    • 1.1 Introduction
  • Module 2: What is Security Onion?
    • 2.1 What is Security Onion?
    • 2.2 Monitoring and Analysis Tools
    • 2.3 Security Onion Architecture
    • 2.4 Deployment Types
  • Module 3: Installing a Standalone Server
    • 3.1 Security Onion Download and Installation Part 1
    • 3.2 Security Onion Download and Installation Part 2
  • Module 4: Installing a Distributed Environment
    • 4.1 Server Configuration Demo Part 1
    • 4.2 Server Configuration Demo Part 2
    • 4.3 Server Configuration Demo Part 3
  • Module 5: Reviewing the Installation
    • 5.1 Server Installation Review
    • 5.2 Checking System Services With sostat
    • 5.3 Security Onion Web Browser Tools
    • 5.4 Security Onion Terminal
  • Module 6: Resources
    • 6.1 Resources Part 1
    • 6.2 Resources Part 2
  • Module 7: Replaying Traffic on a Standalone Server
    • 7.1 TCPReplay Part 1
    • 7.2 TCPReplay Part 2
    • 7.3 TCPReplay Part 3
    • 7.4 Review
  • Module 8: Sniffing Traffic in a Distributed Environment
    • 8.1 Sniffing Traffic
    • 8.2 Traffic Overview in Kibana
    • 8.3 SSH Success
  • Module 9: Management Tips and Best Practices
    • 9.1 Lesson 9 Agenda
    • 9.2 Salt Tips
    • 9.3 Proxy Settings
    • 9.4 IDS Rules Management
    • 9.5 Autocat Rules Management
    • 9.6 Other Helpful Commands and Tips
  • Module 10: Other Functionality
    • 10.1 Lesson 10 Overview
    • 10.2 Wazuh/OSSEC Functionality
    • 10.3 DNS Anomaly Detection Script
    • 10.4 Domain Stats and Frequency Server
  • Module 11: Wrap Up
    • 11.1 Course Wrap Up

Taught by

Karl Hansen
