Udemy – Incident Response Drills for Lv2 Analyst V1
English | Tutorial | Size: 717.81 MB
Volume 1 – Incident Response with Logs
A security analyst performs an incident response (IR) when a breach occurs in a company or organization. Cyber security incident is defined in various ways. Incidents that occur in information asset-related systems generally referred to by companies mean that an abnormal operation occurs in the system or application, or a phenomenon unintended by an outsider. Through cyber security incident response, system damage status and cause of incidents are analyzed and, in case of crime, information necessary to prove criminal activity is collected for the purpose of collecting evidence. Industrial espionage, in which an internal employee steals confidential documents or key drawings from a competitor or overseas, becomes a legal forensic area necessary for legal disputes.
This course covers investigation tips and guides for level 2 analysts. Usually, we use variety tools to identify threats from various security logs such as Web Applications, IDS and Network Packets. In this lab, you will have practical exercise to find the cause of a problem with 3 types of logs. All logs were reflected from real-world incident
IDS logs were filtered unnecessary column information for your exercise. It will provide Date Time, Tag Name, Source IP, Source Port, Destination IP and Destination Port.
Web log format comes from Microsoft Internet Information Services (IIS), were filtered unnecessary rows for your exercise. You will use 2 different log analysis tools – Log parser and Splunk.
Network packet logs were generated from the attack situation which was reproduced in the lab environment and collected in the network traffic in the lab environment.
The course will not cover the legal forensics domain. We will look at the basic knowledge and tools necessary to perform work as a level 2 analyst, and learn how to use analysis tools through hands-on practice. Intrusion incident analysis methods from a practical point of view required for intrusion response and analysis tasks in a company will be reviewed together. The basic task of a security analyst is to respond to security threats based on an understanding of network communication and applications. It analyzes the threat logs generated by various security devices to find attackers who are trying to break in, and directly changes the settings of security devices to prevent attacks.
RAPIDGATOR
rapidgator.net/file/4d1d6a0ee37154e9eba351e827f203c0/Incident_Response_Drills_for_Lv2_Analyst_V1.part1.rar.html
rapidgator.net/file/4129ec9cfe61e587c1a7ddd1cdbcfc46/Incident_Response_Drills_for_Lv2_Analyst_V1.part2.rar.html
rapidgator.net/file/1817079202b1666c0571d0eb864a5a9c/Incident_Response_Drills_for_Lv2_Analyst_V1.part2.rar.html
rapidgator.net/file/9ec74dedd9cff9dd2a70b430d7d84c3f/Incident_Response_Drills_for_Lv2_Analyst_V1.part2.rar.html
rapidgator.net/file/dc55a8153b42a646f7b1c891229860f3/Incident_Response_Drills_for_Lv2_Analyst_V1.part2.rar.html
NITROFLARE
nitroflare.com/view/1304371C099C252/Incident_Response_Drills_for_Lv2_Analyst_V1.part1.rar
nitroflare.com/view/DC018B3C4EB9111/Incident_Response_Drills_for_Lv2_Analyst_V1.part2.rar