Linux Endpoint Security: Processes

This course will teach you the basics of command line tools to work with processes on Linux.

Roles in cybersecurity require an seemingly insurmountable amount of implied knowledge. In this course, Linux Endpoint Security: Processes, you will gain a security focused, baseline understanding of how processes work on Linux systems, and command line tools to work with them. First, you will explore the use of PS and how files are mapped to processes. Next, you will work with pstree to understand the relationships between processes. Finally, you will learn how to leverage that understanding to track down activity on a Linux device. When you’re finished with this course, you’ll have the skills and knowledge of Linux processes, including simple tricks from advanced security practitioners that will enable you to continue advancing into more technical roles within security operations.

• Course Overview 0mins
• Intro & Baselining with PS Coverage 7mins
• Discover Relationships with pstree 5mins
• Identify Anomalous Process with ps 11mins