Description
Course info
Level
Intermediate
Updated
May 17, 2019
Duration
1h 37m
Description

Being able to identify what should and what shouldn't be on your network is the first step in identifying suspicious activity on your network. In this course, Security and Event Triage: Monitoring Assets and Topology, you will learn the techniques that can help you identify potential security breaches. First, you'll learn about the importance of continuously inventorying network devices so that you know what should be on your network. Next, you'll see how to analyze network device scans and network traffic patterns to establish a baseline and to identify anomalies. Finally, you'll explore how to analyze network vulnerability scans to identify weaknesses that require attention. When you're finished with this course, you'll know how to quickly and effectively identify network anomalies.

About the author
About the author

Daniel Lachance, CompTIA Security+™, CompTIA A+®, CompTIA Network+®, CompTIA Server+, CompTIA Cloud Essentials, MCITP, MCTS, MCSA, is the owner of Lachance IT Consulting Inc. He is the author of the CompTIA Server+ Certification All-in-One Exam Guide, CompTIA Cloud Essentials Certification Study Guide, and co-author of CompTIA Security+ Certification Practice Exams.

More from the author
Managing Microsoft Azure Subscriptions
Beginner
1h 60m
Jul 16, 2019
Computer Fundamentals: Hardware
Beginner
2h 43m
Jan 14, 2019
More courses by Daniel Lachance
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone, I'm Dan Lachance, and welcome to my course, Monitoring Assets and Topology. As a security analyst, you need to know what should be on your network and what types of network conversations are considered normal. The periodic comparison of network scan results is instrumental so that you can determine network changes which could lead to identifying suspicious activity. Some of the major topics that we will cover include analyzing changes in network device inventory and changes between scans, as well as detecting vulnerabilities. By the end of this course, you'll understand how to establish a baseline of what's normal, which devices should be on the network, and how they talk to one another. You'll then be able to use this information to identify rogue devices and rogue network communications. I hope you'll join me to learn about monitoring assets and topology here at Pluralsight.