This course provides a comprehensive review of tools, techniques, and procedures for monitoring network events and assets to build a secure network architecture. It then looks at methods for hunting attackers who could bypass the network defence mechanisms designed for an enterprise.
Upon successful completion of this course, students will have demonstrated the ability to:
- Identify, interpret, and evaluate continuous monitoring and cyber threat hunting requirements of organizations of different sizes;
- Examine deficiencies in existing network architectures to build a defensible architecture that supports continuous monitoring;
- Leverage different machine learning and data mining techniques to build intelligent data-driven systems for active defence;
- Integrate legal and ethical requirements and best practices in monitoring network activities; and
- Work collaboratively in teams to conduct research and communicate rational and reasoned arguments using appropriate methods.
- Introduction, privacy and ethical issues in network monitoring and threat hunting
- Setting up network monitoring and threat hunting infrastructure
- Applied machine learning for cyber threat detection and analysis
- Network attacks, attack tools and network monitoring
- Proactive network threat hunting and monitoring
- Network events and attack analysis
- Network vulnerability management and automated threat hunting
*Course details are subject to change.