Video description
Analysis and Monitoring
Shon Harris
The fast, powerful way to prepare for your SSCP exam!
Get all the hands-on training you need to pass (ISC)²’s tough
SSCP exam, get certified, and move forward in your IT security
career! In this online video, the world’s #1 information security
trainer walks you through every skill and concept you’ll need to
master. This online video contains over three and a half hours of
training adapted from Shon Harris’s legendary five-day SSCP boot
camps–including realistic labs, scenarios, case studies, and
animations designed to build and test your knowledge in real-world
settings!
Comprehensive coverage of SSCP domains of knowledge:
• Security Auditing
• Control Checks
• Network Mapping
• Security Monitoring Issues
• Event Logging
• Responses to Attacks
About the Shon Harris Security Series
This online video is part of a complete library of books,
online services, and videos designed to help security professionals
enhance their skills and prepare for their certification exams.
Every product in this series reflects Shon Harris’s unsurpassed
experience in teaching IT security professionals.
Category: Security
System Requirements
OPERATING SYSTEM: Windows 2000, XP, or Vista; Mac OS X 10.4
(Tiger) or later
MULTIMEDIA: DVD drive; 1024 x 768 or higher display; sound card
with speakers
COMPUTER: 500MHz or higher CPU; 128MB RAM or more
Table of Contents
Course Introduction
00:17:17
Domain 4 - Analysis and Monitoring
00:00:47
Security Auditing
00:00:34
What Are Security Audits?
00:00:53
Why Are Security Audits Performed?
00:03:07
Audit Participant’s Role
00:01:53
Defining the Audit Scope
00:02:20
Defining the Audit Plan
00:00:47
Audit Data Collection Methods
00:03:24
Post Audit Activities
00:02:17
Controls
00:01:53
Control Checks
00:01:48
Control Checks - User Access Control
00:00:39
Control Checks - Network Access
00:02:53
Network Configurations
00:00:42
DMZ Configurations
00:03:24
Firewall Comparisons
00:04:48
Network Devices - Firewalls
00:01:52
Host Isolation - Audit Questions
00:02:22
Firewalls - Audit Questions
00:01:25
Intrusion Detection System
00:01:55
IDS - Audit Questions
00:02:11
Network Monitoring
00:01:13
Control Checks - Monitoring
00:02:02
Monitoring - Audit Questions
00:01:40
Control Checks - System Hardening
00:03:15
Patching - Audit Questions
00:01:07
Control Checks - Anti-Virus
00:01:06
Control Checks - Encryption
00:01:52
Control Checks - Logging
00:01:14
Protecting Access to System Logs
00:01:07
Audit Process
00:03:24
Security Testing
00:00:48
Overview
00:01:18
Why?
00:00:58
When?
00:01:12
Who?
00:02:30
Security Testing Goals
00:01:49
Security Testing - Tools
00:01:25
Before Carrying Out Vulnerability Testing
00:01:43
Testing for Vulnerabilities
00:01:06
Vulnerability Assessments
00:02:23
Security Testing Issues
00:05:32
Vulnerability Scanning
00:00:52
Vulnerability Scans
00:01:05
Penetration Testing (1)
00:02:28
Penetration Testing Variations
00:01:40
Types of Testing
00:03:11
Step In Attack Chart
00:04:53
Testing Steps
00:02:15
Automated Pen Testing Tools Canvas™ Operation
00:01:43
Penetration Testing (2)
00:03:15
Automated Pen Testing Tools Core Impact™ Operation
00:01:07
Test Type Chart
00:03:35
Reconnaissance
00:00:53
Reconnaissance - Social Engineering
00:00:47
Reconnaissance - WHOIS Information
00:00:42
Reconnaissance - DNS Zone Transfer
00:03:11
Network Mapping
00:01:51
Network Mapping - Host/Port Mapping
00:00:55
Vulnerability Assessment
00:01:05
Security Gateway Testing
00:00:39
Security Monitoring Testing
00:02:11
Weeding Out False Positives
00:01:18
Security Monitoring
00:00:51
Post-Testing and Assessment Steps
00:01:01
Motivation Behind Attacks
00:00:50
Intrusions
00:01:19
What Is Acceptable?
00:01:07
Security Monitoring for Everyday Life
00:00:48
Security Monitoring for Computing Systems
00:01:46
Security Monitoring Issues
00:02:47
Monitoring Terminologies
00:04:35
Intrusion Detection Systems
00:01:13
IDS Categories
00:00:56
Network-based IDS
00:01:21
Host-based IDS
00:02:33
Anomaly Detection
00:01:22
Signature-based IDS
00:01:43
IDS as a Patch for Firewall
00:01:23
Event Logging
00:01:45
Event Logging - Usefulness
00:00:54
Log Sources
00:01:24
Centralized Logging Infrastructure
00:01:19
Log Reviews
00:00:47
Logging Priority
00:01:09
Secure Logging
00:01:40
Event Alerting and Interpretation
00:01:32
Accountability = Auditing Events
00:01:43
Security Monitoring Evasion
00:03:12
Obfuscation
00:01:04
Fragmentation
00:00:35
Encryption
00:02:09
Overloading
00:00:44
Slow Scans
00:00:47
Log Alteration
00:01:25
Security Monitoring Implementation Issues
00:00:47
Criticality Based Deployment
00:02:07
Maintenance and Tuning
00:00:50
Data Collection for Incident Response
00:01:00
Monitoring Response Techniques
00:01:33
Active Response Pitfalls
00:01:14
IDS
00:02:12
IDS Steps
00:01:26
Network IDS Sensors
00:02:00
Host IDS
00:01:31
Combination
00:01:38
Types of IDSs
00:02:32
Signature-Based Example
00:02:29
Behavior-Based IDS
00:03:32
Statistical Anomaly
00:01:05
Statistical IDS
00:00:45
Protocol Anomaly
00:01:45
What Is a Protocol Anomaly?
00:01:30
Protocol Anomaly Issues
00:00:48
Traffic Anomaly
00:03:47
IDS Response Mechanisms
00:01:10
Responses to Attacks
00:01:37
IDS Issues
00:01:55
Intrusion Prevention System
00:02:43
Vulnerable IDS
00:00:47
Trapping an Intruder
00:01:43
Domain 4 Review
00:01:31