30 Bird - Reviewing Network Appliance Logs

Overview

NOTE: The Windows 10 VM should be running.

Most firewalls and other security appliances generate text-based logs that you can read through manually or feed into SIEM or other analysis tools. Even if you rely primarily on correlated reports, manual review processes are still sometimes essential for rooting out false positives or false negatives.

Courses

30 Bird - CompTIA CASP+ CAS-004

CompTIA Advanced Security Practitioner (CASP+) w/Cert Prep