CCNA Cyber Ops: Malware analysis using ELSA and PCAP Files

Learn how to get PCAP files, use the tcpreplay command, and use ELSA to normalize. summarize, and aggregate logs

*** Part of the best selling course: CCNA Cyber Ops Tools: Sec Onion, Wireshark, and Kali Linux ***

*** The Only standalone course about ELSA (Enterprise Log Search and Archive) on Udemy***

It is estimated that there will be about 1.5 million unfilled jobs in cyber security by the year 2020. A more recent statistic increased this number for cyber security unfilled jobs to be 3.5 million by the year 2021. In addition, recent article highlights Cisco Systems intention to become a cyber security force. For these reasons, Cisco created the CCNA Cyber Ops certification, which can become one of the most certifications in demand in the near future. Furthermore, Cisco created a scholarship program for this certification, which emphasis its importance. 

In this course you will learn about the tools that you can use for your study of the CCNA Cyber Ops certification. Learning the theory side is important, but the hands on side is more important, since  the main purpose of your study is to apply your knowledge in production, and since your hands on will enforce your theory knowledge. You can not teach someone how to drive a car by showing him or her how to do it, but you have to let him try and practice how to do that. Furthermore, showing you hands on labs and how to use tools without teaching you how to create these labs and install these tools, might not give you the ultimate benefit from your study . For this reason, I have created this course to teach you how to create your own home labs, and to understand the core usage and important features of the tools used in them. I believe in the saying: "Give a man a fish and you feed him for a day; teach a man to fish and you feed him for a lifetime". If you have access to online labs, such as that offered by Cisco through their scholarship, you still need to know how to create your own home labs to continue practicing and experimenting, which is what this course will help you to achieve. On the other hand, this course will prepare you to go through these online labs quickly, and with confidence, since you will be familiar with the tools used in them.  And not just online labs, but any other hands on Cyber Ops courses, like what I intend to publish in the near future.

In this course you will learn about how to use the tcpreplay command, and where to download PCAP files that can be used with this command to recreate network packets in order to practice with malware analysis using ELSA. You will go through the steps of log normalization,log summarization, and log aggregation.

Because you will need to install and learn security onion before start working with ELSA, I have a section for that.

I hope that you will join me in this course and start your Cyber security journey. Happy learning!