Cisco Learning and Certifications

Threat Analysis

This course is part of the Cybersecurity Operations Fundamentals Specialization

Taught in English

2,888 already enrolled

Included with Coursera Plus

Course

Gain insight into a topic and learn the fundamentals

4.9

(16 reviews)

26 hours (approximately)
Flexible schedule
Learn at your own pace

Details to know

Shareable certificate

Add to your LinkedIn profile

Assessments

65 quizzes

When you enroll in this course, you are also enrolled in the Cybersecurity Operations Fundamentals Specialization.

There are 4 modules in this course

If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you understand Incident Analysis in a Threat-Centric SOC. By the end of the course, you will be able to:

  • Use the classic kill chain model to perform network security incident analysis
  • Describe the reconnaissance phase of the classic kill chain model
  • Describe the weaponization phase of the classic kill chain model
  • Describe the delivery phase of the classic kill chain model
  • Describe the exploitation phase of the classic kill chain model
  • Describe the installation phase of the classic kill chain model
  • Describe the command-and-control phase of the classic kill chain model
  • Describe the actions on objectives phase of the classic kill chain model
  • Describe how the kill chain model can be applied to detect and prevent ransomware
  • Describe using the diamond model to perform network security incident analysis
  • Describe how to apply the diamond model to perform network security incident analysis using a threat intelligence platform, such as ThreatConnect
  • Describe the MITRE ATT&CK framework and its use
  • Walk through the classic kill chain model and use various tool capabilities of the Security Onion Linux distribution
  • Understand the kill chain and the diamond models for incident investigations, and the use of exploit kits by threat actors

To be successful in this course, you should have the following background:

  1. Skills and knowledge equivalent to those learned in the Implementing and Administering Cisco Solutions (CCNA) v1.0 course
  2. Familiarity with Ethernet and TCP/IP networking
  3. Working knowledge of the Windows and Linux operating systems
  4. Familiarity with the basics of networking security concepts

Included

13 videos, 21 readings, 13 quizzes, 1 discussion prompt

If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you understand common attack vectors. By the end of the course, you will be able to:

  • Identify the common attack vectors
  • Explain DNS terminology and operations
  • Describe the automated discovery and registration process of the client public IP addresses via DDNS
  • Describe the process of recursive DNS queries
  • Describe HTTP operations and traffic analysis to identify anomalies in the HTTP traffic
  • Describe the use and operation of HTTPS traffic
  • Describe the use and operation of HTTP/2 and streams
  • Describe how SQL is used to query, operate, and administer relational database management systems, and how to recognize SQL-based attacks
  • Describe how the mail delivery process works, and SMTP conversations
  • Describe how web scripting can be used to deliver malware
  • Explain the use of obfuscated JavaScript by threat actors
  • Explain the use of shellcode and exploits by threat actors
  • Understand the three basic types of payloads within the Metasploit framework (single, stager, and stage)
  • Explain the use of directory traversal by threat actors
  • Explain the basic concepts of SQL injection attacks
  • Explain the basic concepts of cross-site scripting attacks
  • Explain the use of Punycode by threat actors
  • Explain the use of DNS tunneling by threat actors
  • Explain the use of pivoting by threat actors
  • Describe website redirection with HTTP 302 cushioning
  • Describe how attackers can gain access via web-based attacks
  • Understand how threat actors use exploit kits
  • Describe the Emotet APT
  • Play the role of both an attacker, to simulate attacks, and an analyst, to analyze the attacks

To be successful in this course, you should have the following background:

  1. Skills and knowledge equivalent to those learned in the Implementing and Administering Cisco Solutions (CCNA) v1.0 course
  2. Familiarity with Ethernet and TCP/IP networking
  3. Working knowledge of the Windows and Linux operating systems
  4. Familiarity with the basics of networking security concepts

Included

23 videos, 78 readings, 23 quizzes

If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you Identify Malicious Activity. By the end of the course, you will be able to:

  • Explain why security analysts need to understand the network design that they are protecting
  • Understand the role of the design of the network that you are protecting
  • Define the different threat actor types
  • Provide an example of log data search using ELSA
  • Explore logging functionality in the context of Linux systems
  • Describe how the Windows Event Viewer is used to browse and manage event logs
  • Describe the context of a security incident in firewall syslog messages
  • Describe the need for network DNS activity log analysis
  • Describe web proxy log analysis for investigating web-based attacks
  • Describe email proxy log analysis for investigating email-based attacks
  • Describe AAA server log analysis
  • Describe NGFW log analysis for incident investigation
  • Describe application log analysis for detecting application misuse
  • Describe the use of NetFlow for collecting and monitoring network traffic flow data
  • Explain the use of NetFlow as a security tool
  • Describe network behavior anomaly monitoring for detecting deviations from the normal patterns
  • Describe using NetFlow for data loss detection
  • Explain how DNS can be used by threat actors to perform attacks
  • Describe intrusion prevention system evasion techniques
  • Explain the Onion Router network and how to detect Tor network traffic
  • Describe gaining access and control in the context of endpoint attacks
  • Describe peer-to-peer file sharing and its risks
  • Describe encapsulation techniques including DNS tunneling
  • Explain how to prevent attackers from modifying a device's software image
  • Explore how attackers leverage DNS in their attacks
  • Analyze data for investigation of a security event

To be successful in this course, you should have the following background:

  1. Skills and knowledge equivalent to those learned in the Implementing and Administering Cisco Solutions (CCNA) v1.0 course
  2. Familiarity with Ethernet and TCP/IP networking
  3. Working knowledge of the Windows and Linux operating systems
  4. Familiarity with the basics of networking security concepts

Included

21 videos, 64 readings, 24 quizzes, 1 discussion prompt

If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you identify patterns of suspicious behavior. By the end of the course, you will be able to:

  • Explain the purpose of baselining the network activities
  • Explain how to use the established baseline to identify anomalies and suspicious behaviors
  • Explain the basic concepts of performing PCAP analysis
  • Explain the use of a sandbox to perform file analysis
  • Investigate suspicious activity using the tools within Security Onion

To be successful in this course, you should have the following background:

  1. Skills and knowledge equivalent to those learned in the Implementing and Administering Cisco Solutions (CCNA) v1.0 course
  2. Familiarity with Ethernet and TCP/IP networking
  3. Working knowledge of the Windows and Linux operating systems
  4. Familiarity with the basics of networking security concepts

Included

6 videos, 7 readings, 5 quizzes

Instructor

Cisco Learning & Certifications
12 courses, 42,110 learners


Learner reviews

Showing 3 of 16

4.9

16 reviews

  • 5 stars: 94.11%
  • 4 stars: 5.88%
  • 3 stars: 0%
  • 2 stars: 0%
  • 1 star: 0%

CB
5

Reviewed on March 22, 2024
