Train together, save more! 10% off individual registration, 20% off for pairs.
×
(+212) 6 60 10 42 56
Log in
Forgot password
Or create your account
You have just added to your selection
Your cart is empty, See our trainings

Description

This training will allow you to acquire an overview of supervision issues, the legal obligations concerned in terms of data retention and to quickly master the skills necessary to implement a software solution adapted to your needs.

Who is this training for ?

For whom ?

Systems and network administrators.

Prerequisites

Good knowledge of networks, systems and IT security.

Training objectives

  • Know the legal obligations regarding data retention
  • Know the process of log analysis
  • Install and configure Syslog
  • Understand correlation and analysis with SEC

    • Training program

      • Presentation and standards.
      • Architectures.
      • Certification authority.
      • Kerberos.
      • The heterogeneity of sources.
      • What is a security event? Security Event Information Management (SIEM).
      • Events collected from the IS.
      • System logs from equipment (firewalls, routers, servers, databases, etc.
      • ).
      • Passive collection in listening mode and active collection.
      • Practical work Approach to a log analysis.
      • The geolocation of an address.
      • The correlation of logs from different origins, visualize, sort, search for rules.
      • The Syslog protocol.
      • The client part and the server part.
      • Centralize event logs with Syslog.
      • Syslog is is it sufficient? Advantages and disadvantages.
      • Practical work Installation and configuration of Syslog.
      • Example of data analysis and correlation.
      • Presentation of SEC (Simple Event Correlator).
      • The configuration file and rules.
      • How to detect interesting patterns.
      • Correlation and analysis with SEC.
      • Practical work Installation and configuration of SEC.
      • Example of data analysis and correlation.
      • The MapReduce architecture and framework.
      • How to collect and index data? Exploit machine data.
      • Transaction authentication.
      • Integration with LDAP directories and Active Directory servers.
      • Practical work Installation and configuration of Slunk.
      • Example of analysis and correlation Datas.
      • The retention period of logs.
      • The framework of use and legislation.
      • The CNIL.
      • Labor law.
      • The IT charter, its content and the validation process.
      • How to set up an IT charter? Its contribution to the security chain.
      • Practical work Example of setting up an IT charter.
      • Good practices.
      • Pitfalls to avoid.
      • Choose the right tools.
      • The future for these applications.
      • Why a proxy? Squid.
      • Installation.
      • Configuration.
      • Authentication.
      • URL filtering and content.
      • Site control with Squid Guard.
      • Log formats.
      • Practical work Implementation: Squid, SquidGuard.
    • 888
    • 14 h

    Submit your review

    Training in our centers
    Reference
    PL-56
    Duration
    2 Days ( 14 hrs)
    Request a quote
    Training in your company
    Reference
    PL-56
    Duration
    2 Days ( 14 h)
    Request a quote
    On-demand training

    Interested in this topic? Our experts design your customized training!

    Contact us
    Translated By Google Translate