Course Content

Module 1: Introduction

03:47
1.1 Introduction

Module 2: What is Security Onion?

05:24
2.1 What is Security Onion?
04:18
2.2 Monitoring and Analysis Tools
07:08
2.3 Security Onion Architecture
02:58
2.4 Deployment Types

Module 3: Installing a Standalone Server

09:50
3.1 Security Onion Download and Installation Part 1
10:39
3.2 Security Onion Download and Installation Part 2

Module 4: Installing a Distributed Environment

03:23
4.1 Server Configuration Demo Part 1
11:16
4.2 Server Configuration Demo Part 2
14:37
4.3 Server Configuration Demo Part 3

Module 5: Reviewing the Installation

02:16
5.1 Server Installation Review
05:31
5.2 Checking System Services With sostat
09:02
5.3 Security Onion Web Browser Tools
03:00
5.4 Security Onion Terminal

Module 6: Resources

05:47
6.1 Resources Part 1
03:47
6.2 Resources Part 2

Module 7: Replaying Traffic on a Standalone Server

02:05
7.1 TCPReplay Part 1
16:39
7.2 TCPReplay Part 2
17:44
7.3 TCPReplay Part 3
00:29
7.4 Review

Module 8: Sniffing Traffic in a Distributed Environment

03:41
8.1 Sniffing Traffic
13:00
8.2 Traffic Overview in Kibana
00:43
8.3 SSH Success

Module 9: Management Tips and Best Practices

00:35
9.1 Lesson 9 Agenda
04:59
9.2 Salt Tips
02:57
9.3 Proxy Settings
08:57
9.4 IDS Rules Management
05:22
9.5 Autocat Rules Management
03:18
9.6 Other Helpful Commands and Tips

Module 10: Other Functionality

00:23
10.1 Lesson 10 Overview
01:06
10.2 Wazuh/OSSEC Functionality
01:07
10.3 DNS Anomaly Detection Script
02:18
10.4 Domain Stats and Frequency Server

Module 11: Wrap Up

02:16
11.1 Course Wrap Up

Course Description

Overall, this course will allow you to learn how to maintain and update Security Onion.

Students should have networking knowledge (TCP/IP, protocols, packets, etc.), Linux knowledge (mkdir, ls, vi, ifconfig, etc.), and security technology knowledge (IDS, full packet capture, etc.).

Instructed By

Karl Hansen
Instructor

Provided By

Cybrary

Certificate of Completion

Complete this entire course to earn a Security Onion Certificate of Completion