Protecting your network is now more important than ever. You can accomplish this by comparing what you know should be on the network to current network and vulnerability scans in order to identify abnormal network devices and traffic.
Being able to identify what should and what shouldn't be on your network is the first step in identifying suspicious activity on your network. In this course, Security and Event Triage: Monitoring Assets and Topology, you will learn the techniques that can help you identify potential security breaches. First, you'll learn about the importance of continuously inventorying network devices so that you know what should be on your network. Next, you'll see how to analyze network device scans and network traffic patterns to establish a baseline and to identify anomalies. Finally, you'll explore how to analyze network vulnerability scans to identify weaknesses that require attention. When you're finished with this course, you'll know how to quickly and effectively identify network anomalies.
Daniel Lachance, CompTIA Security+™, CompTIA A+®, CompTIA Network+®, CompTIA Server+, CompTIA Cloud Essentials, MCITP, MCTS, MCSA, is the owner of Lachance IT Consulting Inc. He is the author of the CompTIA Server+ Certification All-in-One Exam Guide, CompTIA Cloud Essentials Certification Study Guide, and co-author of CompTIA Security+ Certification Practice Exams.
Course Overview Hi everyone, I'm Dan Lachance, and welcome to my course, Monitoring Assets and Topology. As a security analyst, you need to know what should be on your network and what types of network conversations are considered normal. The periodic comparison of network scan results is instrumental so that you can determine network changes which could lead to identifying suspicious activity. Some of the major topics that we will cover include analyzing changes in network device inventory and changes between scans, as well as detecting vulnerabilities. By the end of this course, you'll understand how to establish a baseline of what's normal, which devices should be on the network, and how they talk to one another. You'll then be able to use this information to identify rogue devices and rogue network communications. I hope you'll join me to learn about monitoring assets and topology here at Pluralsight.