CompTIA Cybersecurity Analyst+: Security & Network Monitoring

SIEM solutions serve as centralized data ingestion and analysis engines that seek out potential security issues. Security incident response can be partially or fully automated using SOAR solutions.

In this course discover the benefits of security information and event management (SIEM) and security orchestration automation and response (SOAR) security incident monitoring and response solutions. Next explore threat positives and negatives followed by deploying the Splunk SIEM on Linux. Finally learn how to configure a Splunk universal forwarder and use various tools to capture and analyze network traffic.

This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.