When will I have access to the lectures and assignments?

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

What will I get if I subscribe to this Specialization?

When you enroll in the course, you get access to all of the courses in the Specialization, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.

Is financial aid available?

Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.

Advanced Network Analysis and Incident Response

Ce cours n'est pas disponible en Français (France)

Nous sommes actuellement en train de le traduire dans plus de langues. Consultez les langues disponibles.

Advanced Network Analysis and Incident Response

Ce cours fait partie de Spécialisation "Intrusion Detection"

Instructeur : Jason Crossland

Inclus avec

7 modules

Obtenez un aperçu d'un sujet et apprenez les principes fondamentaux.

niveau Intermédiaire

Expérience recommandée

5 semaines à compléter

à 10 heures par semaine

Planning flexible

Apprenez à votre propre rythme

7 modules

Obtenez un aperçu d'un sujet et apprenez les principes fondamentaux.

niveau Intermédiaire

Expérience recommandée

5 semaines à compléter

à 10 heures par semaine

Planning flexible

Apprenez à votre propre rythme

Ce que vous apprendrez

Understand the differences between network situational awareness and traditional NIDS for effective incident detection.
Gain proficiency in using GOTS and COTS tools for network packet analysis and troubleshooting networking challenges.
Learn to conduct ROC analysis on IDS data and interpret event graphs and precision-recall metrics for better decision-making.
Explore the NIST Cybersecurity Framework and SANS Incident Response Cycle to effectively manage and respond to cyber incidents.

Compétences que vous acquerrez

Catégorie : Incident Management
Catégorie : Threat Detection
Catégorie : Intrusion Detection and Prevention
Catégorie : Incident Response
Catégorie : Cybersecurity
Catégorie : Cloud Security
Catégorie : Anomaly Detection
Catégorie : AI Security
Catégorie : Network Analysis
Catégorie : Cyber Security Policies
Catégorie : Computer Security Incident Management
Catégorie : Network Monitoring
Catégorie : NIST 800-53
Catégorie : Network Security

Détails à connaître

Certificat partageable

Ajouter à votre profil LinkedIn

Évaluations

17 devoirs

Enseigné en Anglais

91% of learners achieved a positive career outcome

Découvrez comment les employés des entreprises prestigieuses maîtrisent des compétences recherchées

En savoir plus sur Coursera pour les affaires

logos de Petrobras, TATA, Danone, Capgemini, P&G et L'Oreal

Élaborez votre expertise du sujet

Ce cours fait partie de la Spécialisation "Intrusion Detection"

Lorsque vous vous inscrivez à ce cours, vous êtes également inscrit(e) à cette Spécialisation.

Apprenez de nouveaux concepts auprès d'experts du secteur
Acquérez une compréhension de base d'un sujet ou d'un outil
Développez des compétences professionnelles avec des projets pratiques
Obtenez un certificat professionnel partageable

Il y a 7 modules dans ce cours

The course "Advanced Network Analysis and Incident Response" equips learners with critical skills for effectively managing and responding to cyber threats. Through a blend of theoretical concepts and hands-on practice, participants will delve into advanced network situational awareness, network packet analysis, and incident response strategies aligned with organizational security policies.

What sets this course apart is its comprehensive approach to both the technical and strategic aspects of cybersecurity. Learners will engage with both government-off-the-shelf (GOTS) and commercial-off-the-shelf (COTS) tools, gaining practical experience in analyzing network traffic and implementing effective incident response protocols. The curriculum also incorporates real-world scenarios through tabletop exercises and emphasizes the application of the NIST Cybersecurity Framework and the SANS Incident Response Cycle. By completing this course, learners will enhance their ability to detect, analyze, and respond to incidents effectively, preparing them for challenges in the dynamic field of cybersecurity. Whether you're aiming to advance your career or reinforce your skills, this course provides the knowledge and confidence needed to excel in network analysis and incident response.

Détails du module

This course provides a comprehensive exploration of network analysis and incident response strategies, focusing on the differentiation between Network Situational Awareness and Intrusion Detection Systems. Students will learn to apply anomaly detection techniques and utilize various network packet analysis tools. The curriculum includes developing alarm systems through Graph Analysis and interpreting key performance metrics like ROC analysis. Emphasis is placed on evaluating incident response mechanisms and understanding the implications of Artificial Intelligence in cybersecurity. Participants will also gain practical skills in applying the NIST Cybersecurity Framework and the SANS Incident Response Cycle to real-world scenarios.

Inclus

1 vidéo3 lectures

This course dives into advanced network situational awareness, exploring how it differs from conventional NIDS.

Inclus

5 vidéos3 lectures3 devoirs

5 vidéosTotal 83 minutes

Introduction6 minutes
Network Situational Awareness15 minutes
Anomaly Detection on Large-Scale Network Traffic29 minutes
Incident Detection Using Graph Analytics24 minutes
Security Onion/Bro Lab9 minutes

3 lecturesTotal 400 minutes

Reading References180 minutes
Reading References180 minutes
Self-Reflective Reading: Enhancing Network Attack Detection40 minutes

3 devoirsTotal 90 minutes

Network Analysis60 minutes
Differentiating Network Situational Awareness from NIDS15 minutes
Applying Anomaly Detection to Large-Scale Network Analysis15 minutes

This module introduces foundational concepts in Network Packet Analysis, providing insights into both government-off-the-shelf (GOTS) and commercial-off-the-shelf (COTS) tools used for analyzing network traffic.

Inclus

4 lectures3 devoirs6 plugins

4 lecturesTotal 480 minutes

Reading References180 minutes
Reading References180 minutes
Self-Reflective Reading: Network Forensic Investigation and Packet Analysis60 minutes
Self-Reflective Reading: Challenges in Network Packet Collection and Analysis60 minutes

3 devoirsTotal 90 minutes

Network Packet Analysis60 minutes
Introduction to Network Packet Analysis and Tools15 minutes
Data Collection Techniques and the Role of Wireshark15 minutes

6 pluginsTotal 112 minutes

Introduction to Packet Analysis- Part 2: Network Protocols5 minutes
Introduction to Packet Analysis- Part 3: UDP Packets15 minutes
Introduction to Packet Analysis- Part 4: TCP Protocols13 minutes
Introduction to Packet Analysis- Part 8 Capturing Network Traffic with TCPDump14 minutes
Introduction to Packet Analysis- Part 8 Packet Analysis with Wireshark (Part 1)30 minutes
Introduction to Packet Analysis- Part 8 Packet Analysis with Wireshark (Part 2)35 minutes

This module will guide students through the process of conducting ROC analysis on IDS data and interpreting various graphical representations, including event graphs, precision-recall (P-R) graphs, and thresholds.

Inclus

6 vidéos3 lectures3 devoirs

6 vidéosTotal 70 minutes

Introduction6 minutes
Overview of ROC Analysis11 minutes
Event Graphs and Thresholds18 minutes
Multiple Confusion Matrices Based on IDS Configuration23 minutes
Error Rates6 minutes
ROC and P-R Graphs6 minutes

3 lecturesTotal 280 minutes

Reading References120 minutes
Reading References120 minutes
Self-Reflective Reading: Deep Packet Inspection and Net Neutrality40 minutes

3 devoirsTotal 90 minutes

ROC Analysis60 minutes
ROC Analysis and IDS Performance Metrics15 minutes
Challenges and Advanced Concepts in IDS Evaluation15 minutes

This module focuses on the importance of aligning response strategies with organizational security policies, while also evaluating the risks associated with automated responses.

Inclus

5 vidéos4 lectures3 devoirs

5 vidéosTotal 79 minutes

Introduction3 minutes
Response Requirements20 minutes
Response Types17 minutes
IPS20 minutes
Risks and Cautions for IPS19 minutes

4 lecturesTotal 260 minutes

Reading References90 minutes
Reading References90 minutes
Self-Reflective Reading: Balancing Technical and Non-Technical Responses to Intrusions40 minutes
Self-Reflective Reading: Responses to IDS Alerts and Network Threat Management40 minutes

3 devoirsTotal 90 minutes

Response60 minutes
Understanding IDS Response Mechanisms15 minutes
Implementing Custom Firewall Logic15 minutes

This course explores the complexities of intrusion detection and response in constrained environments.

Inclus

1 vidéo2 devoirs

This course delves into the application of the NIST Cybersecurity Framework (CSF) 2.0 and the SANS Incident Response Cycle in managing cyber incidents.

Inclus

6 lectures3 devoirs4 plugins

6 lecturesTotal 420 minutes

Reading References120 minutes
Reading References120 minutes
Cybersecurity and AI: The Challenges and Opportunities20 minutes
Incident Response Principles60 minutes
Self-Reflective Reading: The Role of AI in Cybersecurity40 minutes
Self-Reflective Reading: Case Study Analysis and Cyber Incident Response60 minutes

3 devoirsTotal 90 minutes

Cyber Security Incident Response Management60 minutes
Applying the NIST CSF 2.0 Core Functions and SANS Incident Response Cycle15 minutes
Artificial Intelligence in Cybersecurity Incident Response15 minutes

4 pluginsTotal 32 minutes

The Six Phases of Incident Response (IR)/Incident Response Life Cycle6 minutes
NIST 800-171 & NIST 800-53: Incident Response9 minutes
Incident Response Steps and Activities11 minutes
Artificial Intelligence (AI) in Cybersecurity6 minutes

Obtenez un certificat professionnel

Ajoutez ce titre à votre profil LinkedIn, à votre curriculum vitae ou à votre CV. Partagez-le sur les médias sociaux et dans votre évaluation des performances.