Firewalls and network devices are on the front lines of security and their logs contain important information for security professionals. These logs are useful when investigating security incidents, troubleshooting network issues and monitoring for suspicious activity. Learn the importance of collecting and analyzing network device log files.
- [Instructor] Firewalls and network devices…are on the front lines of security, and their logs…contain important information for security professionals.…These logs are useful when investigating security incidents,…troubleshooting network issues, and monitoring…for suspicious activity.…Firewall logs are one of the richest possible sources…of information.…When configured properly, firewalls create log entries…for each and every connection attempted on a network,…whether it was allowed or denied.…
The log entry contains quite a bit of useful information,…including details about the attempted connection,…including the source and destination, ports…and IP addresses, a time stamp indicating when…the connection took place, and the identity of the firewall…rule that either authorized or denied the connection.…Let's think about some scenarios where these logs…might be very useful.…First, in the aftermath of a security incident,…the logs may show all of the connections attempted…on a network.…
This likely includes the connections used by…
Learn about communication and networking best practices, including TCP/IP networking, network security devices, and secure network design and management. Instructor and cybersecurity expert Mike Chapple also includes coverage of converged protocols, network encryption, and wireless networking. You can find Mike's companion study books for this series at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
- IP addressing
- Switches and routers
- Content distribution networks
- Designing secure networks
- Specialized networking
- Managing secure networks
- Working with virtualized networks like SDNs
- Detecting and preventing network attaches
- Transport encryption
- Wireless networking
- Host security
Skill Level Advanced
CISSP Cert Prep: 2 Asset Securitywith Mike Chapple58m 11s Advanced
1. TCP/IP Networking
2. Network Security Devices
3. Designing Secure Networks
4. Specialized Networking
5. Secure Network Management
6. Virtualized Networks
Port isolation1m 47s
7. Network Attacks
8. Transport Encryption
9. Wireless Networking
10. Host Security
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.