You’ll master the skills necessary to become a successful Security Analyst. Learn to identify, correct and respond to security weaknesses and incidents. Plus, get hands-on experience monitoring network traffic, analyzing alert and log data, and following incident handling procedures.
Overview
Syllabus
- Fundamentals of Defending Systems
- In this course, you will begin your exploration into the role of a security analyst. You will learn about the core principles and philosophy that drive work in the security field. Then, you will discover physical, logical and administrative controls, their industry recognized frameworks, and how to apply them to secure a network, system or application. Lastly, you will apply security concepts to create defensible, resilient network architecture.
- Analyzing Security Threats
- In this course, you’ll start by exploring the current threat landscape and identifying both threats and threat actors that organizations face. You will learn about the OWASP Top 10 and that they pose a critical threat to organizations. Then, you’ll learn all of the ways to mitigate threats, including the OWASP Top 10. Lastly, you’ll learn what threat modeling is and build your own threat models.
- Assessing Vulnerabilities and Reducing Risk
- In this course, you will learn how security analysts address system vulnerabilities in order to reduce organizational risk. You will first learn about vulnerabilities, their characteristics and their dynamic lifecycle. You will then explore the ways analysts assess vulnerabilities, including reviewing and administering scanning tools and utilities. You will learn how to measure the risks associated with discovered vulnerabilities. Lastly, you will review ways to communicate risk in order to plan remediation and mitigation activities.
- Monitoring, Logging and Responding to Incidents
- In this course, you will discover the importance of incident detection and use the Snort Intrusion Detection System to automatically generate alerts based on suspicious network traffic. You will learn to analyze automated alerts for false positives and determine if they represent a real security threat. You will analyze network traffic using Wireshark and capture live traffic using tcpdump. You will also use Splunk to search and correlate security log data across multiple sources. Finally, you will follow incident handling procedures to respond and recover from security incident scenarios.
Taught by
Richard Phung, Milind Adari and Chris Herdt
