Summary
eLearnSecurity Certified Incident Response (eCIR) – Guide Study to Exam ........................... 1
Laboratory ................................................................................................................................... 10
Content and Exam Reviews ........................................................................................................ 10
Network Packet and Traffic Analysis ........................................................................................... 10
What is Network Traffic Analysis (NTA)? .......................................................................... 10
The key benefits of network traffic analysis ...................................................................... 11
The importance of network traffic analysis ....................................................................... 11
What is the purpose of analyzing and monitoring network traffic? ............................... 12
What to look for in a network traffic analysis and monitoring solution.......................... 13
Network Topologies: ........................................................................................................ 14
Types of Network: ............................................................................................................ 14
TCP/IP Model and OSI Model: ...................................................................................... 15
Computer Network Protocols: ........................................................................................ 16
IEEE Standards: ............................................................................................................... 23
Networking Devices: ........................................................................................................ 25
Cables in Networking Devices: ...................................................................................... 26
Types of Ethernet Networks: ......................................................................................... 28
Types of Network Connections: .................................................................................... 28
Transmission Media: ....................................................................................................... 29
Types of Multiplexers: ..................................................................................................... 30
Collision Detection: .......................................................................................................... 31
Network Layer Services: ................................................................................................. 31
Mode of Communication: ................................................................................................ 32
Classes in Computer Networking: ................................................................................ 33
Subnetting: ........................................................................................................................ 35
Methods of Network Security: ........................................................................................ 38
Wireshark Cheat Sheet ............................................................................................................... 38
Examples to Understand the Power of Wireshark ........................................................... 38
Installation of Wireshark ......................................................................................................... 39
Getting Started with Filters .................................................................................................. 40
Follow the White Rabbit Stream ......................................................................................... 41
Resolve DNS in Wireshark ................................................................................................... 41
Tshark for the Command Line ............................................................................................ 41
Build Firewall Rules .............................................................................................................. 42
Wireshark GeoIP Mapping ................................................................................................... 42
Decrypt SSL/TLS sessions .................................................................................................. 43
Extract files from PCAP using Export (HTTP or SMB) .................................................... 45
Right Hand Status Bar .......................................................................................................... 45
Sample PCAPs are readily available .................................................................................. 45
Setting up your Environment ............................................................................................... 45
capinfos ................................................................................................................................. 46
Default Columns In a Packet Capture Output ....................................................................... 47
Logical Operators ................................................................................................................... 48
Filtering Packets (Display Filters) ........................................................................................ 49
Filter Types............................................................................................................................. 50
Wireshark Capturing Modes ................................................................................................. 51
Miscellaneous ......................................................................................................................... 52
Capture Filter Syntax ............................................................................................................. 53
Display Filter Syntax .............................................................................................................. 53
Keyboard Shortcuts – Main Display Window....................................................................... 54
Protocols – Values .................................................................................................................. 56
Common Filtering Commands .............................................................................................. 56
Main Toolbar Items ............................................................................................................ 57
Others ..................................................................................................................................... 60
Exporting Data .................................................................................................................... 60
5.7.1. The “Export Specified Packets” Dialog Box ............................................... 60
5.7.2. The “Export Packet Dissections” Dialog Box ............................................. 61
5.7.3. The “Export Selected Packet Bytes” Dialog Box ....................................... 66
5.7.4. The “Export PDUs to File…” Dialog Box ..................................................... 67
5.7.5. The “Strip Headers…” Dialog Box ................................................................. 68
5.7.6. The “Export TLS Session Keys…” Dialog Box ............................................ 69
5.7.7. The “Export Objects” Dialog Box .................................................................. 70
ElasticSearch, Kibana and Logstash (ELK) .................................................................................... 88
What is the ELK Stack? ............................................................................................... 88
Why is ELK So Popular? ............................................................................................. 89
Why is Log Analysis Becoming More Important?............................................. 90
How to Use the ELK Stack for Log Analysis ......................................................... 91
What’s new? ..................................................................................................................... 92
Installing ELK.................................................................................................................... 93
Environment specifications ...................................................................................... 94
Installing Elasticsearch ............................................................................................... 94
Installing Logstash ....................................................................................................... 96
Installing Kibana ........................................................................................................... 97
Installing Beats .............................................................................................................. 98
Shipping some data .................................................................................................... 98
Additional installation guides ................................................................................ 101
Elasticsearch ................................................................................................................... 101
What is Elasticsearch? .............................................................................................. 101
Basic Elasticsearch Concepts ................................................................................. 102
Index ................................................................................................................................ 102
Documents ................................................................................................................... 103
Types ............................................................................................................................... 103
Mapping ......................................................................................................................... 104
Shards ............................................................................................................................. 104
Replicas .......................................................................................................................... 104
Elasticsearch Queries ................................................................................................ 105
Boolean Operators ..................................................................................................... 105
Fields ............................................................................................................................... 105
Ranges ............................................................................................................................ 105
Wildcards, Regexes and Fuzzy Searching ......................................................... 106
URI Search ..................................................................................................................... 106
Elasticsearch REST API ............................................................................................. 107
Elasticsearch Document API .................................................................................. 108
Elasticsearch Search API .......................................................................................... 108
Elasticsearch Indices API ......................................................................................... 108
Elasticsearch Cluster API ......................................................................................... 108
Elasticsearch Plugins ................................................................................................ 108
Plugin Categories ....................................................................................................... 109
Installing Elasticsearch Plugins ............................................................................. 109
What’s next? ................................................................................................................. 110
Logstash ........................................................................................................................... 110
What is Logstash? ...................................................................................................... 110
Logstash Configuration ............................................................................................ 111
Input plugins ................................................................................................................ 112
Filter plugins ................................................................................................................ 112
Output plugins ............................................................................................................ 112
Logstash Codecs ......................................................................................................... 113
Configuration example ............................................................................................. 113
Input ................................................................................................................................ 114
Filter ................................................................................................................................ 114
Output ............................................................................................................................... 115
Complete example ..................................................................................................... 115
Logstash pitfalls ............................................................................................................ 115
Monitoring Logstash ................................................................................................. 116
What next? ................................................................................................................... 118
Kibana ................................................................................................................................ 118
What is Kibana? .......................................................................................................... 118
Kibana searches .......................................................................................................... 119
Kibana searches cheat sheet .................................................................................. 120
Kibana autocomplete ............................................................................................... 121
Kibana filtering ............................................................................................................ 121
Kibana visualizations ................................................................................................. 122
Visualization types ...................................................................................................... 123
Kibana dashboards .................................................................................................... 126
Kibana pages................................................................................................................ 126
Kibana Elasticsearch index ..................................................................................... 127
What’s next? ................................................................................................................. 128
Beats ................................................................................................................................... 128
What are Beats? .......................................................................................................... 128
Filebeat ........................................................................................................................... 129
Packetbeat .................................................................................................................... 129
Metricbeat ..................................................................................................................... 130
Winlogbeat ................................................................................................................... 130
Auditbeat ....................................................................................................................... 130
Functionbeat ................................................................................................................ 130
Configuring beats ....................................................................................................... 131
Beats modules ............................................................................................................. 131
Configuration example ............................................................................................. 132
Configuration best practices .................................................................................. 132
(252 remaining pages of the document are not shown.)