Course Content

Module 1: Introduction

3m
1.1 Introduction

Module 2: What is Security Onion?

5m
2.1What is Security Onion?
4m
2.2Monitoring and Analysis Tools
7m
2.3Security Onion Architecture
2m
2.4Deployment Types

Module 3: Installing a Standalone Server

9m
3.1Security Onion Download and Installation Part 1
10m
3.2Security Onion Download and Installation Part 2

Module 4: Installing a Distributed Environment

3m
4.1Server Configuration Demo Part 1
11m
4.2Server Configuration Demo Part 2
14m
4.3Server Configuration Demo Part 3

Module 5: Reviewing the Installation

2m
5.1Server Installation Review
5m
5.2Checking System Services With sostat
9m
5.3Security Onion Web Browser Tools
3m
5.4Security Onion Terminal

Module 6: Resources

5m
6.1Resources Part 1
3m
6.2Resources Part 2

Module 7: Replaying Traffic on a Standalone Server

2m
7.1TCPReplay Part 1
16m
7.2TCPReplay Part 2
17m
7.3TCPReplay Part 3
1 minute
7.4Review

Module 8: Sniffing Traffic in a Distributed Environment

3m
8.1Sniffing Traffic
13m
8.2Traffic Overview in Kibana
1 minute
8.3SSH Success

Module 9: Management Tips and Best Practices

1 minute
9.1Lesson 9 Agenda
4m
9.2Salt Tips
2m
9.3Proxy Settings
8m
9.4IDS Rules Management
5m
9.5Autocat Rules Management
3m
9.6Other Helpful Commands and Tips

Module 10: Other Functionality

1 minute
10.1Lesson 10 Overview
1m
10.2Wazuh/OSSEC Functionality
1m
10.3DNS Anomaly Detection Script
2m
10.4Domain Stats and Frequency Server

Module 11: Wrap Up

2m
11.1Course Wrap Up

Course Description

Overall, this course will allow you to learn how to maintain and update Security Onion.

Students should have networking knowledge (TCP/IP, Protocols, Packets, etc.), linux knowledge (mkdir, Is, vi, ifconfig, etc.), and security technology knowledge (IDS, Full Packet Capture, etc).

Instructed By

Instructor Profile Image
Karl Hansen
Senior SOC Analyst
Instructor

Provided By

Cybrary

Certificate of Completion

Certificate Of Completion

Complete this entire course to earn a Security Onion Certificate of Completion