Lesson 1
Foundations of Monitoring and Logging
Find out why monitoring and logging is essential to cybersecurity, learn about the history of log monitoring, and get started with the virtual machine you'll be using in this course.
Monitoring, Logging and Responding to Incidents
Course
In this course, you will discover the importance of incident detection and use the Snort Intrusion Detection System to automatically generate alerts based on suspicious network traffic. You will learn to analyze automated alerts for false positives and determine if they represent a real security threat. You will analyze network traffic using Wireshark and capture live traffic using tcpdump. You will also use Splunk to search and correlate security log data across multiple sources. Finally, you will follow incident handling procedures to respond and recover from security incident scenarios.
In this course, you will discover the importance of incident detection and use the Snort Intrusion Detection System to automatically generate alerts based on suspicious network traffic. You will learn to analyze automated alerts for false positives and determine if they represent a real security threat. You will analyze network traffic using Wireshark and capture live traffic using tcpdump. You will also use Splunk to search and correlate security log data across multiple sources. Finally, you will follow incident handling procedures to respond and recover from security incident scenarios.
Intermediate
4 weeks
Real-world Projects
Completion Certificate
Last Updated May 12, 2023
Skills you'll learn:
Intrusion detection systems • Splunk • Security information and event management • Cybersecurity incident response playbooks
Prerequisites:
IT architecture diagramming • Cybersecurity fluency • Client-server model
Course Lessons
Lesson 2
Incident Detection
Discover how to uncover security incidents using an Intrusion Detection System. Create and analyze IDS rules and security log data.
Lesson 3
Monitoring and Logging
Capture and analyze network traffic using tcpdump and Wireshark, and search security logs using Splunk, a powerful SIEM tool.
Lesson 4
Incident Handling
Find out about the process to remediate security incidents, and an important tool to handle incidents consistently: incident handling playbooks.
Lesson 5 • Project
Project: Intrusion Detection and Response
In this project you will be filling in for a colleague who is on vacation. You will review and make decisions about network-based Intrusion Detection System alerts.
Taught By The Best
Chris Herdt
SECURITY ANALYST III
Chris is a Security Analyst at the University of Minnesota and an Adjunct Instructor at Dunwoody College, specializing in network security, web application security and Linux operating system security. He has a Master's Degree of Computer and Information Technology from the University of Pennsylvania.
The Udacity Difference
Combine technology training for employees with industry experts, mentors, and projects, for critical thinking that pushes innovation. Our proven upskilling system goes after success—relentlessly.
Demonstrate proficiency with practical projects
Projects are based on real-world scenarios and challenges, allowing you to apply the skills you learn to practical situations, while giving you real hands-on experience.
Gain proven experience
Retain knowledge longer
Apply new skills immediately
Top-tier services to ensure learner success
Reviewers provide timely and constructive feedback on your project submissions, highlighting areas of improvement and offering practical tips to enhance your work.
Get help from subject matter experts
Learn industry best practices
Gain valuable insights and improve your skills
Unlock access to Monitoring, Logging and Responding to Incidents and the rest of our best-in-class catalog
-
Unlimited access to our top-rated courses
-
Real-world projects
-
Personalized project reviews
-
Program certificates
-
Proven career outcomes
Full Catalog Access
One subscription opens up this course and our entire catalog of projects and skills.
Month-To-Month
4 Months
*Average time to complete a Nanodegree program
4 weeks
, Beginner
4 weeks
, Intermediate
4 weeks
, Intermediate
4 weeks
, Advanced
4 weeks
, Intermediate
4 weeks
, Intermediate
4 weeks
, Intermediate
4 weeks
, Intermediate
3 weeks
, Beginner
(115)
3 months
, Beginner
4 weeks
, Beginner
4 weeks
, Beginner
4 weeks
, Advanced
4 weeks
, Beginner
4 weeks
, Intermediate
Your subscription also includes:
Your subscription also includes:
4 weeks
, Beginner
4 weeks
, Intermediate
4 weeks
, Intermediate
4 weeks
, Advanced
4 weeks
, Intermediate
4 weeks
, Intermediate
4 weeks
, Intermediate
4 weeks
, Intermediate
3 weeks
, Beginner
(115)
3 months
, Beginner
4 weeks
, Beginner
4 weeks
, Beginner
4 weeks
, Advanced
4 weeks
, Beginner
4 weeks
, Intermediate
Get Started Today
Monitoring, Logging and Responding to Incidents
Month-To-Month
- Unlimited access to our top-rated courses
- Real-world projects
- Personalized project reviews
- Program certificates
- Proven career outcomes
4 Months
- All the same great benefits in our month-to-month plan
- Most cost-effective way to acquire a new set of skills
Discount applies to the first 4 months of membership, after which plans are converted to month-to-month.
4 weeks
, Beginner
4 weeks
, Intermediate
4 weeks
, Intermediate
4 weeks
, Advanced
4 weeks
, Intermediate
4 weeks
, Intermediate
4 weeks
, Intermediate
4 weeks
, Intermediate
3 weeks
, Beginner
(115)
3 months
, Beginner
4 weeks
, Beginner
4 weeks
, Beginner
4 weeks
, Advanced
4 weeks
, Beginner
4 weeks
, Intermediate
Related Programs
Related Programs
4 weeks
, Beginner
4 weeks
, Intermediate
4 weeks
, Intermediate
4 weeks
, Advanced
4 weeks
, Intermediate
4 weeks
, Intermediate
4 weeks
, Intermediate
4 weeks
, Intermediate
3 weeks
, Beginner
(115)
3 months
, Beginner
4 weeks
, Beginner
4 weeks
, Beginner
4 weeks
, Advanced
4 weeks
, Beginner
4 weeks
, Intermediate