CompTIA CASP+: Monitoring & Incident Response

Enterprise IT monitoring is crucial in detecting potential security incidents. In this course, you'll explore various monitoring methods for hosts, devices, and networks. Next, you'll learn to configure log forwarding and work with logs through PowerShell. Moving on, you'll learn to recognize when to use honeyfiles, honeypots, and honeynets, as well as SIEM and SOAR solutions. You'll then examine intrusion detection and prevention and how they are used to secure a network. Lastly, you'll explore the use of tools such as Snort, tcpdump, nmap, and Wireshark for analyzing networks and network traffic. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.