• Online, Instructor-Led
Course Description

This course provides foundational log analysis skills and experience using the tools needed to help detect a network intrusion. Students learn how to process logs from Windows and Linux operating systems, firewalls, intrusion detection systems, and Web and e-mail servers. Applying their analytical skills, students learn how to assemble evidence found in logs to assist in tasks ranging from building a case to recognizing an intrusion.

Learning Objectives

  • Explain log analysis methodology
  • Analyze and evaluate log files
  • Explain the benefits of log analysis in an intrusion investigation
  • Perform the extraction of information from log files
  • Arrange log file data

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Vulnerability Assessment and Management