FileMood

Download SEC511 - Continuous Monitoring and Security Operations

Name

SEC511 - Continuous Monitoring and Security Operations

Total Size

24.1 GB

Total Files

972

Last Seen

2024-07-05 23:46

Hash

801551349D5128E4D81696D098B7A6F27B40934D

/MP3 2020/

SEC511_1A_E01.mp3

73.3 MB

SEC511_1B_E01.mp3

70.0 MB

SEC511_1C_E01.mp3

61.4 MB

SEC511_1D_E01.mp3

114.1 MB

SEC511_2A_E01.mp3

84.7 MB

SEC511_2B_E01.mp3

76.4 MB

SEC511_2C_E01.mp3

76.3 MB

SEC511_2D_E01.mp3

110.0 MB

SEC511_3A_E01.mp3

80.3 MB

SEC511_3B_E01.mp3

75.9 MB

SEC511_3C_E01.mp3

55.7 MB

SEC511_3D_E01.mp3

123.3 MB

SEC511_4A_E01.mp3

84.4 MB

SEC511_4B_E01.mp3

81.7 MB

SEC511_4C_E01.mp3

50.6 MB

SEC511_4D_E01.mp3

107.8 MB

SEC511_5A_E01.mp3

83.8 MB

SEC511_5B_E01.mp3

52.0 MB

SEC511_5C_E01.mp3

60.8 MB

SEC511_5D_E01.mp3

140.0 MB

SEC511_6A_E01.mp3

47.4 MB

/PDF 2020/

SEC511_E01_01_16905.pdf

44.4 MB

/USB 2020/

Sec511 Virtual Machine.iso

14.8 GB

/.../1. Current State Assessment SOCs and Security Architecture/1. Course Overview/

1. Current State Assessment SOCs and Security Architecture.mp4

117.9 MB

2. Table of Contents 1.mp4

1.4 MB

3. Table of Contents 2.mp4

64.9 KB

4. Course Roadmap 1.mp4

60.0 MB

5. Main Topics Covered in SEC511.mp4

91.7 KB

6. Current State Assessment.mp4

4.0 MB

7. Defensible Network Security Architecture.mp4

2.6 MB

8. Network Security Monitoring NSM.mp4

1.9 MB

9. Endpoint Security Architecture.mp4

3.8 MB

10. Continuous Security Monitoring CSM.mp4

1.4 MB

11. CSM 2.mp4

1.5 MB

12. Capstone NetWars.mp4

6.3 MB

13. StartJoin the Conversation.mp4

4.3 MB

14. Demos Exercises and the Capstone.mp4

10.9 MB

15. Daily Immersive Cyber Challenges.mp4

525.8 KB

16. Exercise EnvironmentLaptop Requirements.mp4

4.6 MB

17. Courseware Conventions.mp4

407.1 KB

18. Short Links.mp4

3.7 MB

19. Actionable Information Immediate Results.mp4

9.5 MB

20. SEC511 Course PortalWiki.mp4

173.7 MB

21. SEC511 Portal Landing Page.mp4

71.9 KB

22. SEC511 Portal Electronic Labs.mp4

79.2 KB

23. Course Roadmap 2.mp4

138.6 KB

24. SEC511 Workbook Initial Configuration and Connection.mp4

241.9 MB

/.../2. Current State Assessment/

1. Course Roadmap.mp4

694.5 KB

2. Step 1 Admit There Is a Problem.mp4

2.0 MB

3. Current State Industry Studies.mp4

626.3 KB

4. Mandiant MTrends.mp4

7.9 MB

5. Verizon DBIR.mp4

9.9 MB

6. Verizon DBIR on Detection.mp4

1.6 MB

7. Ponemon Cost of a Data Breach.mp4

10.1 MB

8. Credential Compromise.mp4

6.1 MB

9. ThirdParty Detection.mp4

14.4 MB

10. Postmortem Detection.mp4

2.5 MB

11. Disrupting NationState Hackers.mp4

6.0 MB

12. Quoting Rob Joyce .mp4

7.4 MB

13. Beware of the Perfect Solution Fallacy.mp4

11.4 MB

14. Also Beware of the Perfect Attacker Fallacy.mp4

13.7 MB

15. Summary.mp4

112.0 KB

/.../1. Current State Assessment SOCs and Security Architecture/3. Adversarial Dominance/

1. Course Roadmap.mp4

1.2 MB

2. Fighting a Losing Battle.mp4

3.2 MB

3. No End in Sight.mp4

1.3 MB

4. Definition of Winning.mp4

13.7 MB

5. GoalOriented Defense.mp4

2.2 MB

6. New Security Paradigm.mp4

2.5 MB

/.../4. Traditional Attack Techniques/

1. Course Roadmap.mp4

1.8 MB

2. OpportunisticHobbyist Attackers.mp4

1.4 MB

3. ServiceSide Exploitation.mp4

2.3 MB

4. ServiceSide Exploitation Illustrated.mp4

8.5 MB

5. ServiceSide Traditionaland Current.mp4

4.3 MB

6. Relatively Benign Malware.mp4

4.3 MB

7. HighVolume Compromise.mp4

2.4 MB

8. Advanced Denial of Service.mp4

4.2 MB

9. Bots Gone Wild.mp4

992.6 KB

10. Ransomware.mp4

10.2 MB

11. CryptoLocker.mp4

6.9 MB

12. Cryptolocker Screenshot.mp4

742.4 KB

/.../5. Traditional Cyber Defense/

1. Course Roadmap 1.mp4

566.7 KB

2. Traditional Cyber Defense.mp4

1.5 MB

3. PreventionOriented.mp4

1.7 MB

4. Prevention Sanity Check.mp4

1.5 MB

5. Sanity Check Illustrated.mp4

2.6 MB

6. Perimeter Focused.mp4

7.4 MB

7. Addresses Layer 34.mp4

4.6 MB

8. DeviceDriven Security.mp4

6.5 MB

9. Traditional Successes.mp4

2.8 MB

10. Course Roadmap 2.mp4

140.2 KB

11. Instructor Demo Exercise 11 and 5113 Preview.mp4

116.0 KB

12. Instructor Demo Security Onion.mp4

181.5 MB

13. Sguil.mp4

111.4 KB

14. The Sguil NSM Frontend.mp4

133.5 KB

15. Wireshark.mp4

138.2 KB

16. SEC511 Workbook Detecting Traditional Attack Techniques.mp4

157.1 MB

/.../6. Modern Attack Techniques/

1. Course Roadmap.mp4

594.0 KB

2. Motivated Adversaries.mp4

5.4 MB

3. WellFunded Adversaries.mp4

6.8 MB

4. Web Application Attacks.mp4

5.4 MB

5. Layer 8Social Engineering.mp4

3.3 MB

6. ClientSide Exploitation Phishing Illustrated Part 1.mp4

6.9 MB

7. ClientSide Exploitation Phishing Illustrated Part 2.mp4

2.1 MB

8. ClientSide Exploitation Phishing Illustrated Part 3.mp4

2.5 MB

9. Why ClientSide Exploitation.mp4

2.9 MB

/.../7. ClientSide Attack Vectors/

1. Course Roadmap.mp4

141.4 KB

2. ClientSide Vectors.mp4

1.0 MB

3. DBIR State of the Phish.mp4

10.0 MB

4. Malicious Emails.mp4

1.6 MB

5. Attaching the Evil.mp4

8.0 MB

6. Phishing with Links.mp4

9.0 MB

7. WebBased Delivery.mp4

2.7 MB

8. Know Thy Victim.mp4

14.1 MB

9. Malvertising.mp4

8.5 MB

10. Watering Hole Attacks.mp4

7.3 MB

11. Lets Get Physical.mp4

7.8 MB

12. Mobile Small but Evil.mp4

2.3 MB

13. Minnows 1.mp4

7.5 MB

14. Minnows 2.mp4

1.0 MB

/.../1. Current State Assessment SOCs and Security Architecture/8. ClientSide Targets/

1. Course Roadmap.mp4

1.1 MB

2. Common ClientSide Targets.mp4

1.2 MB

3. BrowserBased Exploitation.mp4

1.6 MB

4. Browser Attacks.mp4

3.7 MB

5. Browser Attacks without Exploits.mp4

4.0 MB

6. Browser Plugin Exploits.mp4

3.1 MB

7. Flash EndofLife in 2020.mp4

6.2 MB

8. File Format Attacks.mp4

1.1 MB

9. Maliciously Crafted Files.mp4

3.2 MB

/.../1. Current State Assessment SOCs and Security Architecture/9. PostExploitation/

1. Course Roadmap.mp4

2.2 MB

2. Advanced PostExploitation.mp4

1.6 MB

3. DataDriven.mp4

886.6 KB

4. Exfiltration.mp4

1.7 MB

5. Encryptions Effects on Exfiltration.mp4

1.3 MB

6. Lateral Movement.mp4

6.3 MB

7. Pivoting Pictorially 1.mp4

3.3 MB

8. Pivoting Pictorially 2.mp4

973.9 KB

9. Pivoting Pictorially 3.mp4

4.2 MB

10. Pivoting Pictorially 4.mp4

7.0 MB

11. C2CCCNC.mp4

1.5 MB

12. Persistence.mp4

3.8 MB

13. Hiding.mp4

5.7 MB

14. Persistence versus Hiding.mp4

1.7 MB

15. Shell Meterpreter.mp4

7.4 MB

16. Meterpreter Open Source Payload Capabilities.mp4

2.7 MB

/.../10. Modern Cyber Defense Principles/

1. Course Roadmap 1.mp4

1.4 MB

2. Modern Cyber Defense Principles.mp4

269.9 KB

3. Presumption of Compromise.mp4

5.1 MB

4. DetectionOriented.mp4

1.2 MB

5. Proactive Detection Threat Hunting.mp4

4.7 MB

6. PostExploitation Focused.mp4

3.1 MB

7. Traditional versus Modern C2.mp4

6.6 MB

8. ResponseDriven.mp4

2.7 MB

9. Layer 7 Aware.mp4

1.9 MB

10. RiskInformed.mp4

2.8 MB

11. Course Roadmap 2.mp4

143.1 KB

12. SEC511 Workbook Detecting Modern Attack Techniques.mp4

63.6 MB

/.../11. Adversary Informed Detection/

1. Course Roadmap.mp4

2.0 MB

2. Adversary Informed Detection.mp4

1.4 MB

3. Threat Intelligence.mp4

3.0 MB

4. Intrusion Kill Chain.mp4

1.2 MB

5. Kill Chain Phases.mp4

6.1 MB

6. Kill Chain ATTCK.mp4

7.3 MB

7. PostExploitation Activity Is Key.mp4

1.2 MB

8. PostExploitation Visibility Analysis.mp4

2.9 MB

9. Stage 2 and Persistence Visibility.mp4

5.7 MB

10. Mandiant MTrends Example C2 via HTTP POST.mp4

7.4 MB

11. Command and Control.mp4

7.8 MB

12. Pivoting Lateral Movement Analysis.mp4

1.6 MB

13. Mandiant MTrends on MetasploitPSExec.mp4

2.5 MB

14. The Other MS PSExec ExploitPersistC2Exfil.mp4

7.7 MB

15. Data Analysis.mp4

1.3 MB

16. Data Exfiltration Analysis.mp4

3.0 MB

17. Default Egress Deny.mp4

6.2 MB

18. Outbound Blocking FTW.mp4

2.3 MB

/.../12. Security Operations Centers/

1. Course Roadmap.mp4

451.6 KB

2. Information Overload.mp4

1.4 MB

3. Security Operations Centers SOC.mp4

1.7 MB

4. Not a SOC.mp4

1.2 MB

5. Also Not a SOC.mp4

3.3 MB

6. Purpose of a SOC.mp4

5.7 MB

7. People and Process Products.mp4

10.5 MB

8. Key SOC Roles.mp4

3.7 MB

9. Oh Yeah Drinking the Flavored Drink Mix.mp4

3.3 MB

10. Outsourcing the SOC.mp4

5.6 MB

11. Making the MSSP Manage YOUR Security Services.mp4

8.4 MB

12. Hidden OutSOC Costs.mp4

7.6 MB

13. DIY SOC.mp4

2.4 MB

14. InSOC.mp4

1.9 MB

15. SOC Employee Training.mp4

4.1 MB

16. Hybrid SOC.mp4

1.4 MB

17. TheHive.mp4

1.5 MB

18. Cortex.mp4

3.4 MB

19. Relationship to Cyber Defense.mp4

5.1 MB

20. SEC511 and Security Operations.mp4

1.3 MB

21. SOC Sounds Like There Should Be a Book About That.mp4

2.3 MB

/.../13. Section One Summary/

1. Course Roadmap 1.mp4

123.6 KB

2. Day 1 Punch ListAction Items.mp4

101.9 KB

3. Day 1 TLDR.mp4

116.6 KB

4. Course Roadmap 2.mp4

45.3 MB

5. SEC511 Workbook Egress Analysis with Elastic Stack.mp4

132.6 MB

6. SEC511 Daily NetWars.mp4

57.3 KB

/.../1. Network Security Architecture/

1. Network Security Architecture.mp4

21.4 MB

2. Table of Contents 1.mp4

36.8 MB

3. Table of Contents 2.mp4

31.2 MB

4. Course Roadmap.mp4

573.4 KB

5. Traditional Perimeter Defense and the Crunchy Shell.mp4

4.5 MB

6. What About that Soft Chewy Center.mp4

7.3 MB

7. Zero Trust Architecture ZTA.mp4

9.9 MB

8. BeyondCorp Googles Approach to Zero Trust.mp4

10.3 MB

9. ZTA and Modern Architectures.mp4

9.3 MB

10. Key Infrastructure Devices.mp4

2.6 MB

11. Cyber Defense Illustrated.mp4

4.2 MB

12. Caprica 6 vs the Colonies.mp4

1.5 MB

13. The BSG Threat Hunting Team.mp4

484.4 KB

14. Scenario 1 The Ambitious Lt Gaeta.mp4

136.9 KB

15. Scenario 1 Web Application Attack.mp4

1.5 MB

16. Recon Build a Targeted Wordlist.mp4

911.4 KB

17. Mapping Web Server Located via Targeted DNS.mp4

1.1 MB

18. Exploitation SQL Injection in Web Application.mp4

1.3 MB

19. PostExploitation Data Exfiltration.mp4

3.2 MB

20. Scenario 1 Web Application Attack Key Points.mp4

1.3 MB

21. Scenario 2 Watering Hole ClientSide Pivot 1.mp4

877.2 KB

22. Scenario 2 Watering Hole ClientSide Pivot 2.mp4

130.5 KB

23. Scenario 2 Watering Hole ClientSide Pivot 3.mp4

999.9 KB

24. Recon Watering Hole ID.mp4

3.0 MB

25. Weaponization Watering Hole Established.mp4

1.9 MB

26. Exploitation ClientSide Exploitation.mp4

285.8 KB

27. PostExploitation C2 Establishment.mp4

1.6 MB

28. Pivot Target Acquired.mp4

1.9 MB

29. Goal Achieved Data Exfiltration.mp4

1.8 MB

30. Scenario 2 ClientSide Pivot Key Points.mp4

118.6 KB

31. Illustrations Applied.mp4

2.5 MB

/.../2. Network Security Architecture/2. Routers/

1. Course Roadmap.mp4

862.1 KB

2. Routers.mp4

1.8 MB

3. RouterBased Detection IPFIXNetFlow.mp4

11.4 MB

4. IPFIXNetFlow Data.mp4

3.4 MB

5. Profile Outbound Flows.mp4

12.6 MB

6. Abnormal Outbound Connections.mp4

1.1 MB

7. Persistent Outbound Connections.mp4

4.6 MB

8. HighVolume Outbound Connections.mp4

8.9 MB

9. Unexpected Destinations.mp4

22.4 MB

10. Outbound Visualization.mp4

5.6 MB

11. Routers Action Items.mp4

1.3 MB

12. Routers vs Scenario 1 Web App Prevention.mp4

908.2 KB

13. Routers vs Scenario 1 Web App Detection.mp4

1.0 MB

14. Routers vs Scenario 2 Client Prevention.mp4

2.3 MB

15. Routers vs Scenario 2 Client Detection.mp4

811.2 KB

/.../3. Perimeter SI Firewalls/

1. Course Roadmap.mp4

8.8 MB

2. Perimeter SI Firewalls.mp4

1.1 MB

3. Understanding Stateful.mp4

3.6 MB

4. Default Deny Inbound.mp4

10.0 MB

5. Additional Layer 3 Inbound Filtering.mp4

11.6 MB

6. Default Deny Outbound.mp4

2.5 MB

7. Layer 3 Outbound Filtering.mp4

2.1 MB

8. Layer 4 Outbound Filtering.mp4

20.2 MB

9. SI Firewall vs Scenario 1 Web App Prevention.mp4

2.5 MB

10. SI Firewall vs Scenario 1 Web App Detection.mp4

133.1 KB

11. SI Firewall vs Scenario 2 Client Prevention.mp4

7.1 MB

12. SI Firewall vs Scenario 2 Client Detection.mp4

3.2 MB

/.../4. Web Application Firewalls/

1. Course Roadmap 1.mp4

1.6 MB

2. CIS 1810 Deploy Web Application Firewalls.mp4

3.9 MB

3. Web Application Firewalls.mp4

5.0 MB

4. WAF Capabilities.mp4

7.4 MB

5. WAF PreventionDetection.mp4

7.8 MB

6. WAF Deployments.mp4

11.7 MB

7. WAF vs Scenario 1 Web App Prevention.mp4

2.7 MB

8. WAF vs Scenario 1 Web App Detection.mp4

3.4 MB

9. WAF vs Scenario 2 Client PreventionDetection.mp4

323.3 KB

10. Course Roadmap 2.mp4

125.7 KB

11. SEC511 Workbook ModSecurity.mp4

54.1 MB

/.../2. Network Security Architecture/5. Forward Proxies/

1. Course Roadmap.mp4

1.9 MB

2. Forward Proxies.mp4

3.3 MB

3. Proxy or Bust.mp4

6.3 MB

4. Proxy Configuration of Clients.mp4

6.5 MB

5. WPAD.mp4

2.8 MB

6. Web Content Filters.mp4

4.1 MB

7. Blacklisting Billions.mp4

11.4 MB

8. MIMEContentType BlockingAlerting.mp4

15.1 MB

9. MIMEContentType Illustrated.mp4

1.8 MB

10. Beyond Website Categorization.mp4

1.4 MB

11. Splash Proxy.mp4

10.4 MB

12. Forward Proxy vs Scenario 2 Client Prevention.mp4

3.1 MB

13. Forward Proxy vs Scenario 2 Client Detection.mp4

1.3 MB

/.../6. Encryption and TLS Inspection/

1. Course Roadmap.mp4

122.3 KB

2. Encrypt All the Things.mp4

3.7 MB

3. Enterprise Responses to Outbound HTTPS Encryption.mp4

8.5 MB

4. CIS 1210 Decrypt Network Traffic at Proxy.mp4

4.2 MB

5. Decrypting HTTPS with InterceptionInspection.mp4

5.6 MB

6. Never Decrypt All The Things.mp4

5.3 MB

7. Encryption Beyond HTTPS.mp4

6.8 MB

8. DNS over TLS DoT.mp4

10.0 MB

9. DNS Over HTTPS DoH .mp4

8.1 MB

10. DoH DNS Request.mp4

14.7 MB

/.../7. Network Intrusion Detection Systems/

1. Course Roadmap.mp4

636.8 KB

2. Network Intrusion Detection Systems NIDS.mp4

2.0 MB

3. Perimeter NIDS Placement.mp4

4.8 MB

4. Other NIDS Placement.mp4

6.8 MB

5. NIDS Configuration.mp4

11.2 MB

6. Invisibility Analysis IDS and Trust.mp4

1.1 MB

7. IDS Trust Relationships Visualized.mp4

5.1 MB

8. NIDS and Prevention.mp4

958.2 KB

9. NIDS vs Scenario 1 Web Detection.mp4

3.6 MB

10. NIDS vs Scenario 2 Client Detection 1.mp4

5.3 MB

11. NIDS vs Scenario 2 Client Detection 2.mp4

3.3 MB

12. NIDS Scenario 2 Detection FTW.mp4

6.4 MB

/.../8. Network Intrusion Prevention Systems/

1. Course Roadmap.mp4

125.8 KB

2. Network Intrusion Prevention Systems NIPS.mp4

5.1 MB

3. NIPS NGFW.mp4

8.4 MB

4. NIPS and Detection vs Scenario 12.mp4

1.3 MB

5. NIPS vs Scenario 1 Web App Prevention.mp4

763.9 KB

6. NIPS vs Scenario 2 Client Prevention.mp4

696.3 KB

/.../2. Network Security Architecture/9. NextGeneration Firewalls/

1. Course Roadmap 1.mp4

560.5 KB

2. NextGeneration Firewalls NGFW.mp4

1.2 MB

3. Layer 7 Firewalling.mp4

3.2 MB

4. SI vs NGFW Example.mp4

3.6 MB

5. Application IdentificationInspection.mp4

17.8 MB

6. OpenAppId.mp4

3.9 MB

7. Another SI vs NGFW Scenario.mp4

7.2 MB

8. User Visibility and Reputation.mp4

2.0 MB

9. NGFW vs Scenario 1 Web App.mp4

806.0 KB

10. NGFW vs Scenario 2 Client Prevention.mp4

2.9 MB

11. NGFW vs Scenario 2 Client Detection.mp4

1.6 MB

12. Course Roadmap 2.mp4

600.8 KB

13. SEC511 Workbook Application Detection and Control with Snort OpenAppId.mp4

51.2 MB

/.../10. Malware Detonation Devices/

1. Course Roadmap.mp4

5.1 MB

2. Malware Detonation Devices.mp4

14.5 MB

3. MDD Capabilities.mp4

7.9 MB

4. Cuckoo Sandbox.mp4

4.5 MB

5. Malwr.mp4

2.4 MB

6. Malware Detonation vs Scenario 2 Client PreventionDetection.mp4

8.1 MB

/.../11. Entropy and freqpy/

1. Course Roadmap.mp4

161.0 KB

2. A Word on Entropy.mp4

3.4 MB

3. High Entropy Examples.mp4

5.5 MB

4. Programmatic Entropy Analysis.mp4

2.2 MB

5. ent Classic Entropy Analysis.mp4

8.2 MB

6. Assessing ent.mp4

7.6 MB

7. Bring Out the Baggett.mp4

14.3 MB

8. Get Your freqpy On.mp4

2.8 MB

9. freqteststring.mp4

1.9 MB

10. freqing Awesome.mp4

17.7 MB

11. Domain Generation Algorithms DGAs.mp4

6.6 MB

12. DGA Beyond Domain Generation Algorithms.mp4

2.7 MB

13. freqserverpy For freqing at Scale.mp4

7.6 MB

/.../12. Security Information and Event Management SIEM/

1. Course Roadmap.mp4

471.7 KB

2. Security Information and Event Management SIEM.mp4

7.3 MB

3. Data Overload.mp4

3.1 MB

4. SIEM Centralized Log Collection.mp4

3.0 MB

5. DefineSIEM.mp4

3.1 MB

6. Dual Stack SIEM Compliance Tactical.mp4

11.6 MB

7. SIEMs Killer App Log Enrichment.mp4

5.2 MB

8. SIEM and Prevention.mp4

308.7 KB

9. SIEM and Detection.mp4

3.1 MB

/.../13. Adversary Deception Devices/

1. Course Roadmap.mp4

3.3 MB

2. Adversary Deception Devices.mp4

2.2 MB

3. HoneypotsHoneynets.mp4

1.2 MB

4. Traditional Honeypots.mp4

3.8 MB

5. Internal Listening Honeypots.mp4

7.6 MB

6. HighValue Deception.mp4

2.2 MB

7. Tactical Honeypots.mp4

7.3 MB

/.../14. SwitchesPVLAN Security/

1. Course Roadmap.mp4

2.1 MB

2. Switches.mp4

4.5 MB

3. IPFIXNetFlow.mp4

146.1 KB

4. VLAN ACLs VACLs.mp4

4.9 MB

5. CIS 143 Disable WorkstationtoWorkstation Communication.mp4

1.7 MB

6. Private VLANs PVLANs.mp4

4.0 MB

7. Potential Issues with Private VLANs.mp4

4.1 MB

8. Internal SI Firewalls.mp4

982.6 KB

9. SwitchInternal SI Firewall and Pivoting.mp4

4.2 MB

/.../15. Threat Intelligence/

1. Course Roadmap.mp4

812.7 KB

2. Threat Intelligence.mp4

4.6 MB

3. TTPs.mp4

2.3 MB

4. Kill Chain Revisited.mp4

3.0 MB

5. Indicator Identification.mp4

3.9 MB

6. DetectRespond Lifecycle.mp4

11.1 MB

7. Dirty Word List DWL.mp4

1.0 MB

8. IOCs.mp4

2.0 MB

9. File and URL Analysis.mp4

2.0 MB

10. VirusTotal.mp4

1.4 MB

11. Evading AV or AllClear.mp4

651.7 KB

12. URL Analysis.mp4

1.0 MB

13. Other FileURL Analysis.mp4

3.1 MB

/.../16. Section Two Summary/

1. Course Roadmap 1.mp4

8.7 MB

2. Day 2 Punch ListAction Items.mp4

49.8 MB

3. Day 2 TLDR.mp4

22.4 MB

4. Course Roadmap 2.mp4

123.5 KB

5. SEC511 Workbook Honeytokens for Leak Detection.mp4

140.7 MB

6. SEC511 Daily NetWars.mp4

57.4 KB

/.../3. Network Security Monitoring/1. Getting Started/

1. Network Security Monitoring.mp4

1.9 MB

2. Table of Contents 1.mp4

7.2 MB

3. Table of Contents 2.mp4

24.9 MB

4. Course Roadmap.mp4

121.7 KB

5. A Note on Exercises.mp4

3.5 MB

/.../2. Network Security Monitoring Overview/

1. Course Roadmap.mp4

167.2 KB

2. What Is Network Security Monitoring.mp4

4.0 MB

3. What Is Continuous Security Monitoring.mp4

7.5 MB

4. Richard Bejtlich NSM versus CSM.mp4

2.2 MB

5. Its More Complicated than Threats versus Vulnerabilities.mp4

3.1 MB

6. Form a Threating Hunting Team.mp4

6.1 MB

7. Good Hunting.mp4

15.9 MB

8. Threat Hunting Team HowTo.mp4

4.5 MB

/.../3. Evolution of NSM/

1. Course Roadmap.mp4

492.9 KB

2. Evolution of NSM.mp4

2.2 MB

3. The Tao of Network Security Monitoring.mp4

2.9 MB

4. NSM versus NIDS.mp4

1.6 MB

5. Why Not Replace Detection with Prevention.mp4

2.2 MB

6. DBIRMTrends Is Internal Detection Improving.mp4

6.7 MB

7. Bejtlich South Carolina Department of Revenue DoR Case Study.mp4

4.9 MB

8. Case Study NotPetya.mp4

3.2 MB

9. NotPetya Financial Cost.mp4

1.8 MB

10. NotPetya Effects on Ukraine.mp4

1.3 MB

11. NotPetya Effects on Maersk.mp4

1.4 MB

12. Maersk Information Security Improvements.mp4

3.2 MB

/.../4. The NSM Toolbox/

1. Course Roadmap.mp4

165.8 KB

2. The NSM Toolbox.mp4

981.2 KB

3. NSM Distribution.mp4

4.3 MB

4. Security Onion.mp4

2.0 MB

5. Security Onion Included Software.mp4

5.2 MB

6. NSMNIDS Frontends.mp4

2.6 MB

7. Sguil in Action I.mp4

5.8 MB

8. Sguil in Action II.mp4

7.9 MB

9. Sguil in Action III.mp4

11.8 MB

10. NSM Toolbox Wireshark and Tshark.mp4

4.3 MB

11. Wireshark.mp4

14.2 MB

12. Tshark.mp4

6.3 MB

13. NSM Toolbox NIDS.mp4

531.6 KB

14. Bro Zeek.mp4

2.4 MB

15. Origin of Zeek.mp4

1.6 MB

16. ZeekBro Network Security Monitor.mp4

1.2 MB

17. Example Difference between SnortSuricata and ZeekBro.mp4

19.7 MB

18. NSM Toolbox SIEMs.mp4

2.8 MB

/.../3. Network Security Monitoring/5. NIDS Design/

1. Course Roadmap.mp4

1.3 MB

2. Fundamental NIDS Design.mp4

1.6 MB

3. Signature Matching.mp4

3.5 MB

4. How Much Malware Is There.mp4

5.2 MB

5. Blacklisting Is a Failed Approach.mp4

1.5 MB

6. How Difficult Is Signature Evasion.mp4

1.9 MB

7. Answer Not Many.mp4

167.5 KB

8. Protocol Behavior.mp4

7.4 MB

9. Anomaly Detection.mp4

8.1 MB

10. Historical Anomaly Design.mp4

998.2 KB

11. Detecting Specific Anomalies.mp4

2.4 MB

12. Know Thy Network.mp4

7.1 MB

13. There Is No Easy Button.mp4

898.0 KB

/.../3. Network Security Monitoring/6. Analysis Methodology/

1. Course Roadmap.mp4

5.0 MB

2. Analysis Methodology.mp4

5.7 MB

3. Sherlock Holmes on Deduction.mp4

2.0 MB

4. How This Applies to NSM.mp4

6.4 MB

5. NSM Analysis Methodology.mp4

1.5 MB

6. Dirty Word List.mp4

1.6 MB

/.../7. NSM Data Sources/

1. Course Roadmap 1.mp4

165.6 KB

2. NSM Data Sources 1.mp4

2.0 MB

3. NSM Data Sources 2.mp4

476.2 KB

4. Packet Data.mp4

3.2 MB

5. Full Packet Capture.mp4

2.8 MB

6. Storage Required for Full Packet Capture.mp4

1.8 MB

7. Full Packet Capture Tools.mp4

2.3 MB

8. Extracted Data.mp4

6.2 MB

9. Carving Files with Wireshark Step 1 Identify the File.mp4

4.2 MB

10. Step 2 Choose the Conversation and Save As.mp4

1.5 MB

11. Edit the File.mp4

2.3 MB

12. Save the EXE Check the File Type Hash and Scan with Antivirus.mp4

3.9 MB

13. Or Use ZeekBro.mp4

4.2 MB

14. String Data.mp4

2.9 MB

15. Pcap Strings Example.mp4

4.8 MB

16. Flow Data.mp4

3.1 MB

17. Pcap Flow Example Using Tshark.mp4

1.9 MB

18. Transaction Data.mp4

1.5 MB

19. Transaction Data Example.mp4

8.5 MB

20. Statistical Data.mp4

600.7 KB

21. Alert Data.mp4

1.3 MB

22. Example Sguil IDS Alert.mp4

2.8 MB

23. Tagged Data.mp4

1.6 MB

24. SnortSourcefire Tagging Syntax.mp4

2.2 MB

25. Example of a Tagged Rule.mp4

482.2 KB

26. Correlated Data.mp4

1.0 MB

27. Course Roadmap 2.mp4

474.2 KB

28. SEC511 Workbook Pcap Strings and File Carving ZeekBro.mp4

182.7 MB

/.../8. Practical NSM Issues/

1. Course Roadmap.mp4

510.9 KB

2. Practical NSM Issues.mp4

878.5 KB

3. NSM Sensors and Servers.mp4

2.2 MB

4. Security Onion ServerSensor Design.mp4

6.5 MB

5. Practical Issues How to Sniff.mp4

1.2 MB

6. Hubs.mp4

3.1 MB

7. Mirror Ports.mp4

8.0 MB

8. Network Taps.mp4

5.3 MB

9. Port Overload.mp4

1.7 MB

10. Sniffing Virtual Traffic.mp4

1.9 MB

11. NSM Sensor Placement.mp4

68.0 KB

12. Umbrella Sensor.mp4

3.8 MB

13. Sensor Placement.mp4

9.3 MB

14. Practical Issues NTP.mp4

4.2 MB

15. Practical Issues Time Zones and Daylight Saving Time.mp4

4.2 MB

16. Spring Time Difference Between NYC London and Sydney 1.mp4

117.0 KB

/.../3. Network Security Monitoring/9. Cornerstone NSM/

1. Course Roadmap 1.mp4

798.6 KB

2. Cornerstone NSM.mp4

371.8 KB

3. ClientSide Exploits.mp4

1.4 MB

4. ClientSide Example.mp4

459.6 KB

5. ServiceSide Exploits.mp4

2.6 MB

6. ServiceSide Example.mp4

987.2 KB

7. Course Roadmap 2.mp4

775.8 KB

8. SEC511 Workbook Sguil ServiceSide Analysis.mp4

144.1 MB

/.../10. Tracking EXEs/

1. Course Roadmap.mp4

2.2 MB

2. Tracking EXEs 1.mp4

2.1 MB

3. Why Is This Important.mp4

1.1 MB

4. Stage 2 EXE.mp4

3.8 MB

5. Tracking EXEs 2.mp4

2.1 MB

6. Identifying Windows EXEs.mp4

4.4 MB

7. This Program Must Be Run under Win32.mp4

3.1 MB

8. What Is Wrong with This Picture.mp4

7.3 MB

9. Spot the Anomaly.mp4

665.6 KB

10. CIS 12 Boundary Defense.mp4

1.2 MB

11. Predictable Transfer of EXEs.mp4

2.8 MB

12. Defensible Executable Transfers.mp4

1.3 MB

13. How EXEs Should Not Move.mp4

3.7 MB

14. NonDefensible and Suspicious Executable Flow.mp4

1.2 MB

15. Detecting Stage 2 Downloads.mp4

550.8 KB

16. AnomalyBased Detection Is Hard Right.mp4

681.7 KB

17. Targeted AnomalyBased EXE Rule.mp4

7.4 MB

/.../11. Identifying Command and Control Traffic/

1. Course Roadmap.mp4

774.6 KB

2. Identifying Command and Control Traffic.mp4

3.4 MB

3. Malware Phones Home.mp4

6.4 MB

4. Unencrypted pLagUe Botnet C2 Traffic.mp4

3.1 MB

5. Persistent External Network Connections.mp4

4.1 MB

6. Inventory Persistent External Connections.mp4

2.1 MB

7. Three Categories Will Emerge.mp4

3.1 MB

8. C2 Protocols.mp4

3.8 MB

9. ICMP.mp4

2.0 MB

10. Wireshark ICMP Example.mp4

481.6 KB

11. SSH Tunneled via ICMP.mp4

2.6 MB

12. Whitecap One Approach to Detect Malicious ICMP.mp4

14.0 MB

13. Spot the C2.mp4

5.1 MB

14. DNS The Ideal C2 Channel.mp4

4.8 MB

15. Zeus Botnet C2 via DNS.mp4

6.6 MB

16. dnscat2 and Iodine.mp4

4.3 MB

17. dnscat2 Wireshark View.mp4

15.0 MB

18. dnscat2 Whats Happening.mp4

1.7 MB

19. dnscat2 Spotting with ZeekBro.mp4

1.1 MB

20. dnscat2 The Results.mp4

1.2 MB

21. Iodine Raw Tunnel.mp4

2.8 MB

22. Iodine DNS Tunneling.mp4

7.4 MB

23. Iodine Show Me the NULL ZeekBro.mp4

1.1 MB

24. HTTP C2.mp4

2.6 MB

25. HTTP POST C2.mp4

3.3 MB

26. C2 POST Content.mp4

3.4 MB

/.../12. Tracking User Agents/

1. Course Roadmap.mp4

746.3 KB

2. Tracking User Agents 1.mp4

2.8 MB

3. Common User Agent Substrings.mp4

2.4 MB

4. Windows Versions in User Agent Strings.mp4

3.0 MB

5. Abnormal HTTP User Agents.mp4

3.4 MB

6. Tracking User Agents 2.mp4

3.3 MB

7. Our Approach on the Contagio Crimeware Pcap Collection.mp4

7.2 MB

8. Another Method Identify the Shortest UserAgents.mp4

2.4 MB

/.../13. C2 via HTTPS/

1. Course Roadmap.mp4

841.3 KB

2. C2 via HTTPS.mp4

760.7 KB

3. NonEncrypted HTTPS 1.mp4

2.4 MB

4. NonEncrypted HTTPS 2.mp4

1.8 MB

5. SSLTLS without HTTPS.mp4

3.0 MB

6. The HTTPS SSLTLS Handshake.mp4

1.7 MB

7. Normal HTTPS.mp4

3.0 MB

8. Malicious HTTPS.mp4

1.0 MB

9. Follow TCP Stream.mp4

3.0 MB

10. Tor C2.mp4

1.6 MB

11. Tor HTTPS.mp4

965.2 KB

/.../14. Tracking Encryption Certificates/

1. Course Roadmap.mp4

1.0 MB

2. Tracking Encryption Certificates.mp4

1.9 MB

3. Public Key Certificates.mp4

1.4 MB

4. Spot the Difference.mp4

3.5 MB

5. Example X509 Certificate.mp4

1.8 MB

6. Normal X509 issuer Fields.mp4

1.1 MB

7. Detecting Malware.mp4

8.4 MB

8. A Simple Approach to Detecting Malware via Certificates.mp4

4.1 MB

9. Our Approach on the Contagio Crimeware Pcap Collection.mp4

283.4 KB

/.../15. SectionThree Summary/

1. Course Roadmap.mp4

120.4 KB

2. Day 3 Punch ListAction Items.mp4

41.3 MB

3. SEC511 Workbook 5113 Final Exercise.mp4

69.4 MB

4. SEC511 Daily NetWars.mp4

57.5 KB

5. Thank you.mp4

73.7 KB

/.../1. Endpoint Security Architecture Overview/

1. Endpoint Security Architecture 1.mp4

22.6 MB

2. Table of Contents 1.mp4

66.3 MB

3. Table of Contents 2.mp4

78.3 KB

4. Course Roadmap.mp4

144.3 KB

5. Endpoint Security Architecture 2.mp4

4.5 MB

6. CIS Controls Critical Security Controls.mp4

5.9 MB

7. First Five CIS Controls.mp4

4.2 MB

/.../4. Endpoint Security Architecture/2. Windows Endpoints/

1. Course Roadmap.mp4

141.8 KB

2. What We Cover.mp4

620.1 KB

3. Endpoints More Than Windows.mp4

6.6 MB

4. Endpoints More Than Desktops.mp4

8.2 MB

5. Endpoints Beyond DesktopsServers.mp4

2.3 MB

/.../4. Endpoint Security Architecture/3. Patching/

1. Course Roadmap.mp4

598.1 KB

2. Patching.mp4

3.2 MB

3. Patch Timeline Metrics.mp4

20.5 MB

4. Nation States 0days and APT Oh My.mp4

5.2 MB

5. To Test or Not to Test.mp4

5.7 MB

6. Patch Rinse Repeat.mp4

3.0 MB

7. Modern Patching Challenges.mp4

2.3 MB

/.../4. Secure Baseline Configuration/

1. Course Roadmap.mp4

139.6 KB

2. Shadow Brokers Patching Hardening.mp4

2.9 MB

3. Foreverday 0day.mp4

8.4 MB

4. SMBv1 and the West Coast Hippy Lifestyle.mp4

4.9 MB

5. CIS 51 Secure Baseline Configuration.mp4

4.9 MB

6. Building a Baseline Config.mp4

1.6 MB

7. How NOT to Build a Config.mp4

4.0 MB

8. Center for Internet Security.mp4

3.9 MB

9. CIS Benchmarks.mp4

1.6 MB

10. Vendor Guides.mp4

1.0 MB

11. Microsoft Security Compliance Toolkit SCT.mp4

2.5 MB

12. Beyond Vendors and CIS.mp4

1.3 MB

13. Configuration Change Monitoring.mp4

3.3 MB

14. Baseline Monitoring.mp4

8.8 MB

/.../5. EMET and Windows Defender Exploit Guard/

1. Course Roadmap.mp4

709.5 KB

2. CIS 83 EnableDeploy AntiExploitation Technologies.mp4

963.9 KB

3. EMET.mp4

9.2 MB

4. RIP EMET.mp4

6.1 MB

5. EMET Features.mp4

3.8 MB

6. EMET Configuration GUI.mp4

5.8 MB

7. Windows Defender Exploit Guard WDEG.mp4

1.9 MB

8. Windows Defender Technologies in a Table Part 1 from Minerva Labs 1.mp4

11.6 MB

9. Windows Defender Technologies in a Table Part 2 from Minerva Labs 1.mp4

1.9 MB

/.../6. Application Monitoring and Sysmon/

1. Course Roadmap 1.mp4

3.1 MB

2. Application Monitoring.mp4

1.5 MB

3. Log Full Command Line of All Processes.mp4

7.4 MB

4. Security Event ID 4688.mp4

8.8 MB

5. Command Lines to Look For.mp4

2.6 MB

6. Meterpreter Payload Not So Normal.mp4

18.6 MB

7. PowerShell Logging.mp4

899.4 KB

8. Microsoft Sysinternals Sysmon.mp4

1.2 MB

9. Sysmon Application Monitoring.mp4

6.5 MB

10. Sysmon Capabilities.mp4

9.3 MB

11. Sysmon Syntax.mp4

2.9 MB

12. Example Sysmon XML Configuration.mp4

19.6 MB

13. IMPHASH Hash.mp4

8.5 MB

14. Sysmon Event Filtering.mp4

4.2 MB

15. Sysmon Event Filtering II.mp4

2.1 MB

16. Detecting Unusual and Unsigned Drivers and Images with Sysmon.mp4

6.4 MB

17. BeltandSuspenders Detective Whitelisting Process.mp4

8.8 MB

18. DeepWhite.mp4

4.3 MB

19. Course Roadmap 2.mp4

148.9 KB

20. SEC511 Workbook Sysmon.mp4

146.1 MB

/.../4. Endpoint Security Architecture/7. Application Whitelisting/

1. Course Roadmap.mp4

1.4 MB

2. CIS 27 Utilize Application Whitelisting.mp4

772.5 KB

3. Application Whitelisting.mp4

685.6 KB

4. Application not file Whitelist.mp4

5.1 MB

5. The Whitelist.mp4

13.0 MB

6. Whitelist Integrity.mp4

2.2 MB

7. Typical Flow of Executables.mp4

1.4 MB

8. Acquiring Innocuous Binaries.mp4

1.9 MB

9. Evil Executable Propagation.mp4

1.4 MB

10. Identification of Source.mp4

13.3 MB

11. ZoneIdentifier.mp4

1.3 MB

12. Whitelisting Administrative Overhead.mp4

5.5 MB

13. Phase 0 Whitelist Building.mp4

568.7 KB

14. NSRL RDS Reference Dataset.mp4

2.9 MB

15. FieldedSystem Executables.mp4

5.3 MB

16. PreFielded System Executables.mp4

2.7 MB

17. Trusting Signed Binaries by Specific Vendors.mp4

3.0 MB

18. NIST Special Publication 800167 Guide to Application Whitelisting.mp4

1.2 MB

19. Hybrid Approach.mp4

3.0 MB

20. Phase 1 Targeted Detection.mp4

4.6 MB

21. TrueFalse Positive.mp4

2.8 MB

22. Phase 1 Duration.mp4

1.2 MB

23. Phase 2 Strict Enforcement.mp4

2.7 MB

24. Blocking Detection.mp4

4.2 MB

25. Trusted Binaries.mp4

1.1 MB

26. Previously Trusted Binaries.mp4

3.5 MB

27. Hash Bypass.mp4

2.8 MB

28. Arent advanced attackers moving towards code and DLL injection.mp4

1.6 MB

29. Advanced Application Whitelisting.mp4

1.0 MB

30. Linux AppArmor.mp4

1.1 MB

31. Software Restriction Policies.mp4

2.4 MB

32. AppLocker.mp4

1.5 MB

33. AppLocker Phase 0 Rule Creation.mp4

4.0 MB

34. AppLocker Phase 1 Audit Only.mp4

567.9 KB

35. Audit Only Mode.mp4

293.5 KB

/.../4. Endpoint Security Architecture/8. Administrative Accounts/

1. Course Roadmap.mp4

3.9 MB

2. Inevitable Exploitation.mp4

3.8 MB

3. Adversary Privilege.mp4

2.4 MB

4. Privileged Accounts.mp4

287.3 KB

5. Administrative Accounts.mp4

1.7 MB

6. How Many Administrative Accounts.mp4

4.3 MB

7. What Does Admin Mean.mp4

4.4 MB

8. RightsPermissions.mp4

2.7 MB

9. Builtin Administrator.mp4

12.2 MB

10. Builtin Administrator Passwords.mp4

3.9 MB

11. Local Administrator Password Solution LAPS.mp4

10.4 MB

12. Service Accounts.mp4

11.7 MB

13. LSA Secrets.mp4

4.1 MB

/.../4. Endpoint Security Architecture/9. Privilege Monitoring/

1. Course Roadmap 1.mp4

528.1 KB

2. Privileged Account Monitoring.mp4

2.5 MB

3. NTFS Permissions.mp4

2.0 MB

4. exploitwindowslocalservicepermissions.mp4

3.9 MB

5. User Rights and Privileges.mp4

5.7 MB

6. Key User Rights.mp4

2.4 MB

7. Key Privileges.mp4

11.9 MB

8. Persistence.mp4

4.5 MB

9. ASEPs.mp4

2.4 MB

10. Autoruns.mp4

2.0 MB

11. Course Roadmap 2.mp4

137.7 KB

12. SEC511 Workbook Autoruns.mp4

109.0 MB

/.../10. Privilege Reduction/

1. Course Roadmap.mp4

2.3 MB

2. Reducing Privileges.mp4

6.0 MB

3. UAC Less Privilege Is More Security.mp4

4.9 MB

4. But Im an Admin.mp4

4.8 MB

5. Loser PowerShell.mp4

857.1 KB

6. Admin Unelevated PowerShell.mp4

4.9 MB

7. Admin Elevated PowerShell.mp4

6.3 MB

8. Magic Local Admin.mp4

1.5 MB

9. No More UAC Bypassing Magic Admin.mp4

1.0 MB

10. Process Monitor.mp4

12.5 MB

11. Process Monitor Access Denied.mp4

633.7 KB

12. Application Compatibility Toolkit ACT.mp4

3.6 MB

13. LUA Buglight.mp4

1.2 MB

/.../4. Endpoint Security Architecture/11. Authentication/

1. Course Roadmap.mp4

4.2 MB

2. Authentication.mp4

1.5 MB

3. Passwords.mp4

1.4 MB

4. Password ReuseSynchronization.mp4

7.7 MB

5. Windows Password Hashes.mp4

1.5 MB

6. Windows A Low Sodium Architecture.mp4

9.9 MB

7. No Salt Illustrated.mp4

9.0 MB

8. LMLaMe.mp4

12.6 MB

9. Is LM Finally behind Us.mp4

2.8 MB

10. NT.mp4

5.5 MB

11. Password Storage.mp4

6.1 MB

/.../12. Security Support Provider/

1. Course Roadmap.mp4

681.9 KB

2. Security Support Provider SSP.mp4

4.9 MB

3. SSP Impact of Single SignOn.mp4

4.0 MB

4. SSP WDigest.mp4

3.9 MB

5. WDigest FAIL.mp4

850.3 KB

6. Microsoft Live Accounts LiveSSP.mp4

1.5 MB

7. Microsoft Account Password Lengths and Truncation.mp4

12.9 MB

8. Lets Try That Again.mp4

667.4 KB

9. LiveSSP FAIL.mp4

4.0 MB

/.../4. Endpoint Security Architecture/13. PostAuthentication/

1. Course Roadmap.mp4

685.5 KB

2. PostAuthentication.mp4

2.6 MB

3. Logon Types.mp4

3.6 MB

4. Access Tokens.mp4

4.5 MB

5. Token Impersonation Levels.mp4

1.3 MB

6. Impersonate Tokens.mp4

616.2 KB

7. Delegate Tokens.mp4

5.3 MB

/.../14. Advanced Authentication Attacks/

1. Course Roadmap.mp4

554.0 KB

2. PasstheHash.mp4

8.6 MB

3. Token Smuggling Pass the Session.mp4

4.0 MB

4. Pass the Password.mp4

3.7 MB

5. Mandiant MTrends on Mimikatz.mp4

1.8 MB

6. The Sed Persistent Threat SPT.mp4

6.3 MB

7. This Dog Can Hunt.mp4

926.0 KB

8. WhackaMole.mp4

777.0 KB

9. Announcing Mimiyakz The Sed Persistent Threat SPT Strikes Again.mp4

2.7 MB

10. Advanced Authentication Attack Mitigations.mp4

18.8 MB

11. MultiFactor Authentication MFA.mp4

3.9 MB

/.../15. Endpoint Protection Platforms EPP/

1. Course Roadmap 1.mp4

2.1 MB

2. Endpoint Protection Platforms EPP.mp4

15.3 MB

3. EPP AntivirusAntimalware.mp4

3.3 MB

4. EPP HostBased Firewall CIS 94.mp4

196.6 KB

5. Windows Defender Firewall.mp4

5.0 MB

6. Default WDFAS.mp4

1.2 MB

7. Not Windows Defender Firewall.mp4

2.7 MB

8. Course Roadmap 2.mp4

142.3 KB

9. ASD Mitigation Strategy HostBased IDS.mp4

1.3 MB

10. HostBased IDS.mp4

3.8 MB

11. Gains from HIDS.mp4

1.5 MB

12. Approaches to HIDS.mp4

2.1 MB

13. Detection without Response.mp4

4.8 MB

14. ASD Mitigation Strategy Endpoint Detection and Response.mp4

2.3 MB

15. Endpoint Detection and Response EDR.mp4

10.4 MB

16. Host Detection without HIDSEDR.mp4

2.3 MB

/.../16. Section 4 Summary/

1. Course Roadmap 1.mp4

43.2 MB

2. Day 4 Punch ListAction Items.mp4

115.7 KB

3. Day 4 TLDR.mp4

117.2 KB

4. Course Roadmap 2.mp4

148.0 KB

5. SEC511 Workbook AppLocker.mp4

55.3 MB

6. SEC511 Daily NetWars.mp4

57.7 KB

/.../1. Continuous Security Monitoring Overview/

1. Automation and Continuous Security Monitoring.mp4

17.7 MB

2. Table of Contents 1.mp4

55.3 MB

3. Table of Contents 2.mp4

80.8 KB

4. Course Roadmap.mp4

135.8 KB

5. What Is Continuous Security Monitoring.mp4

3.3 MB

6. Acronym Soup.mp4

3.0 MB

7. The US Government and Continuous Monitoring.mp4

1.1 MB

8. DoD Risk Management Framework.mp4

10.4 MB

9. Bejtlich on RMF.mp4

7.4 MB

10. Department of Homeland Securitys CDM.mp4

11.2 MB

11. Bejtlich on CDM.mp4

726.2 KB

12. NIST SP 800137.mp4

834.0 KB

13. NIST Special Publication 800137.mp4

1.1 MB

14. NIST SP 800137 Automation Domains.mp4

18.4 MB

15. NIST SP 800137 What to Do Not How to Do It.mp4

625.0 KB

16. Spotting the Adversary with Windows Event Log Monitoring Version 2.mp4

3.7 MB

17. The US Governments Take on CSM Lessons Learned.mp4

2.9 MB

18. Our Approach to CSM.mp4

1.5 MB

/.../2. Industry Best Practices/

1. Course Roadmap.mp4

589.4 KB

2. Industry Best Practices.mp4

4.2 MB

3. CIS Controls.mp4

3.4 MB

4. ASD Strategies to Mitigate Cyber Security Incidents.mp4

2.3 MB

5. Top 4 Mitigation Strategies.mp4

10.5 MB

6. ASD Essential Eight Prevent Malware Delivery and Execution.mp4

8.9 MB

7. ASD Essential Eight Limit Extent of Incidents.mp4

737.1 KB

8. ASD Essential Eight Recover Data and System Availability.mp4

2.5 MB

9. The ASD Top 4 Focus on Prevention.mp4

2.3 MB

10. ASD Mitigation Strategies to Detect and Respond.mp4

15.4 MB

/.../3. Winning CSM Techniques/

1. Course Roadmap.mp4

576.4 KB

2. Winning CSM Techniques.mp4

446.2 KB

3. Monitoring a NonDefensible Network.mp4

12.2 MB

4. Focus on Critical Systems and Data.mp4

7.4 MB

5. FIPS 199 on SBU Classification.mp4

1.1 MB

6. Data Classification HowTo.mp4

3.5 MB

7. High Data in All the Wrong Places.mp4

5.9 MB

8. Protect High Data.mp4

2.2 MB

9. Windows Data Classification Tools.mp4

9.9 MB

10. Detecting Change.mp4

938.2 KB

11. Solve Problems as They Are Discovered.mp4

3.9 MB

12. The Broken Windows Theory.mp4

6.8 MB

13. Broken Windows Theory of Defensible Networks.mp4

2.4 MB

14. Key CSM Technique Long Tail Analysis.mp4

2.5 MB

15. The Long Tail 1.mp4

19.4 MB

16. Lets Try Long Tail Analysis on Windows Security Logs.mp4

53.3 MB

17. The Long Tail 2.mp4

74.1 KB

/.../4. Maintaining Situational Awareness/

1. Course Roadmap.mp4

139.0 KB

2. Maintaining Situational Awareness.mp4

10.3 MB

3. Useful Sites.mp4

1.3 MB

/.../5. Host and Service Discovery/

1. Course Roadmap 1.mp4

1.2 MB

2. Know Thy Software.mp4

1.7 MB

3. Cant Secure What You Dont Have or Dont Know You Have.mp4

2.0 MB

4. Inventory and Control of Hardware Assets.mp4

486.6 KB

5. Inventories.mp4

2.3 MB

6. Asset Inventory.mp4

1.8 MB

7. Host Port and Service Discovery.mp4

1.9 MB

8. Active Scanning.mp4

766.0 KB

9. Always Test.mp4

10.7 MB

10. Nmap.mp4

1.3 MB

11. Ndiff.mp4

2.7 MB

12. Course Roadmap 2.mp4

139.2 KB

13. SEC511 Workbook Inventory.mp4

29.1 MB

/.../6. Passive OS Detection/

1. Course Roadmap 1.mp4

6.3 MB

2. Passive Host Discovery.mp4

12.2 MB

3. Passive Scanning.mp4

4.8 MB

4. p0f version 3.mp4

6.6 MB

5. PRADS.mp4

3.8 MB

6. Raw PRADS Log View in Gnumeric Spreadsheet.mp4

826.3 KB

7. Lets Clean That Up a Bit.mp4

466.1 KB

8. CleanedUp Output.mp4

1.7 MB

9. Course Roadmap 2.mp4

122.4 KB

10. SEC511 Workbook p0f v3.mp4

32.5 MB

/.../5. Automation and Continuous Security Monitoring/7. Vulnerability Scanning/

1. Course Roadmap.mp4

137.5 KB

2. Vulnerability Scanning.mp4

4.9 MB

3. CIS 31 Vulnerability Scanning.mp4

4.6 MB

4. Security Content Automation Protocol SCAP.mp4

3.2 MB

5. OpenVAS.mp4

3.4 MB

6. VulnWhisperer.mp4

6.3 MB

/.../5. Automation and Continuous Security Monitoring/8. Monitoring Patching/

1. Course Roadmap.mp4

2.7 MB

2. Monitoring Patching.mp4

909.5 KB

3. Standalone Microsoft Patch Scanning.mp4

3.6 MB

4. GetMissingUpdates.mp4

2.4 MB

5. Linux Patch Compliance.mp4

4.5 MB

6. Quick and Dirty Linux Patch Checks.mp4

5.1 MB

/.../9. Monitoring Service Logs/

1. Course Roadmap.mp4

616.5 KB

2. Monitoring Service Logs.mp4

7.5 MB

3. CIS 87 Malware Defenses.mp4

1.2 MB

4. Check Your DNS.mp4

3.2 MB

5. Enable DNS Query Logging on Windows 20082012.mp4

3.4 MB

6. DNS Analytical Logging on Windows 2012R2.mp4

7.6 MB

7. Enable Query Logging on Bind 9.mp4

496.2 KB

8. Enable Response Logging on Bind 9.mp4

2.1 MB

9. Now Were Logging DNS Whats Next.mp4

10.9 MB

10. DNS over HTTPS DoH and DNS over TLS DoT.mp4

1.6 MB

11. DoH and DoT.mp4

1.8 MB

12. FirefoxDoH.mp4

5.7 MB

13. ChromeDoH.mp4

4.3 MB

/.../10. Monitoring Change to Devices and Appliances/

1. Course Roadmap.mp4

940.4 KB

2. Monitoring Change in Critical Devices and Appliances.mp4

1.8 MB

3. Two Approaches to Detect Device Change.mp4

2.2 MB

4. BuiltIn Change Detection Cisco Routers.mp4

2.4 MB

5. HowTo Configuration Change Notification and Logging.mp4

517.6 KB

/.../11. Leveraging Proxy and Firewall Data/

1. Course Roadmap.mp4

788.9 KB

2. Leveraging Proxy and Firewall Data.mp4

1.8 MB

3. CIS 129 Boundary Defense.mp4

660.3 KB

4. Mandatory Proxies.mp4

1.9 MB

5. Proxies Rule.mp4

3.1 MB

6. Behavioral Proxy Checks.mp4

3.9 MB

7. Case Study Naked Downloads.mp4

2.3 MB

8. Proxies Allow Easy Detection of C2.mp4

2.2 MB

9. Leveraging Firewall Logs.mp4

2.2 MB

10. CIS 6 Audit Logs.mp4

1.8 MB

11. Bots Love Spam.mp4

12.1 MB

12. Which Outbound Ports to BlockLogAlert.mp4

2.3 MB

/.../12. Monitoring Critical Windows Events/

1. Course Roadmap 1.mp4

473.7 KB

2. Monitoring Critical Windows Events.mp4

7.1 MB

3. Windows Event Log Locations.mp4

5.6 MB

4. Damaged Windows Event Logs.mp4

3.7 MB

5. Viewing Windows Security Event Logs.mp4

1.7 MB

6. Exporting Event Logs.mp4

1.4 MB

7. Critical Windows Event to Monitor.mp4

5.1 MB

8. Detecting Malice via Windows Events.mp4

1.2 MB

9. Critical Event 1 CommandLine Auditing.mp4

4.0 MB

10. Local View Meterpreter Payload.mp4

10.7 MB

11. Critical Event 2 Service Creation.mp4

1.5 MB

12. Event IDs 7045 and 4697 normal Service Creation.mp4

2.0 MB

13. Attacker Uses Metasploit PsExec Exploit.mp4

7.1 MB

14. How Does This Differ from Normal PsExec.mp4

1.3 MB

15. System Event ID 7045 Sysinternals versus Metasploit PsExec.mp4

4.1 MB

16. System Event ID 7030 Track Errors.mp4

1.7 MB

17. A Word on Scripting and Automation.mp4

1.4 MB

18. Critical Event 3 User Creation.mp4

3.0 MB

19. Event Viewer Security Log View net user sec511 sekrit add.mp4

2.1 MB

20. Critical Event 4 Adding Users to Privileged Groups.mp4

2.5 MB

21. Event Viewer Security Log View net localgroup administrators sec511 add.mp4

792.5 KB

22. Tracking Changes to Domain Groups.mp4

1.0 MB

23. Critical Event 5 Clearing Event Logs.mp4

4.9 MB

24. Critical Event 6 Terminal Services Certificate Creation.mp4

2.3 MB

25. Event Viewer System Log View.mp4

2.9 MB

26. Critical Event 7 External Media Detection.mp4

3.2 MB

27. Event Viewer System Log View New USB Drive.mp4

2.5 MB

28. Critical Event 8 Disabling the Firewall.mp4

2.9 MB

29. Event Viewer View Disabling the Firewall.mp4

1.9 MB

30. Adding Specific Firewall Rules.mp4

2.4 MB

31. Critical Event 9 Detecting Lateral Movement.mp4

10.5 MB

32. Use of Local versus Domain Credentials.mp4

3.0 MB

33. Track the Use of Local Credentials via the Network.mp4

7.9 MB

34. PasstheHash Detection.mp4

1.7 MB

35. Attacker View Metasploit PsExec PasstheHash 1.mp4

8.9 MB

36. Attacker View Metasploit PsExec PasstheHash 2.mp4

782.1 KB

37. Didnt Microsoft Fix This.mp4

8.2 MB

38. PasstheHash and Lateral Movement Mitigation.mp4

1.9 MB

39. Critical Event 10 AppLocker Alerts.mp4

1.4 MB

40. Critical Event 11 EMET Alerts.mp4

1.2 MB

41. Summary Critical Windows Events to Monitor.mp4

1.7 MB

42. Course Roadmap 2.mp4

1.1 MB

43. SEC511 Workbook Windows Event Logs.mp4

40.3 MB

/.../13. Scripting and Automation/

1. Course Roadmap.mp4

2.6 MB

2. Importance of Automation.mp4

2.6 MB

3. Automation Example Windows Startup Registry Keys.mp4

1.8 MB

4. What Does a Malicious Startup Registry Key Look Like.mp4

1.2 MB

5. Windows Registry Startup Keys.mp4

2.7 MB

6. Remotely Accessing Registry Keys.mp4

876.3 KB

7. Example PowerShell Script.mp4

2.4 MB

8. Next Step Long Tail Analysis.mp4

4.3 MB

9. Then Automate.mp4

1.1 MB

10. DeepBlueCLI.mp4

6.4 MB

11. DeepBlueCLI Partial List of Detected Events.mp4

2.5 MB

12. DeepBlueCLI Regex Matching Command Lines.mp4

1.7 MB

13. DeepBlueCLI Whitelist.mp4

1.7 MB

14. DeepBlue CLI Base64 andor Compressed Commands.mp4

1.2 MB

15. Use Case Petya.mp4

1.4 MB

16. Use Case SamSam Spreading via WMI and PsExec.mp4

2.7 MB

17. Test PowerShell Command.mp4

7.2 MB

18. Use Case DeepBlueCLI vs PowerShell via WMIC and PsExec.mp4

2.3 MB

/.../14. PostIntrusion Detection/

1. Course Roadmap.mp4

1.1 MB

2. PostIntrusion Detection.mp4

2.1 MB

3. Memory Analysis.mp4

2.9 MB

4. Redline.mp4

2.9 MB

5. Kansa Go BigWide or Go Home.mp4

7.0 MB

/.../15. Section 5 Summary/

1. Course Roadmap.mp4

1.4 MB

2. Day 5 Punch ListAction Items.mp4

27.6 MB

3. SEC511 Workbook Persistence and Pivoting.mp4

79.4 MB

4. SEC511 Daily NetWars.mp4

58.2 KB

5. Thank You.mp4

66.9 KB

/.../16. Appendix Centralize Windows Event Logs MBSA/

1. Appendix Centralize Windows Event Logs MBSA.mp4

141.3 KB

2. Configuring Centralized Windows Event Log Collection.mp4

107.3 KB

3. Collectors and Sources.mp4

112.9 KB

4. Configuring Centralized Logging 1.mp4

117.0 KB

5. Configuring Centralized Logging 2.mp4

104.0 KB

6. Create Two Groups.mp4

114.5 KB

7. Add Computers to Groups.mp4

117.2 KB

8. Windows Remote Management.mp4

93.9 KB

9. Enable the Windows Event Collector.mp4

93.7 KB

10. Creating the Subscription in Event Viewer.mp4

84.0 KB

11. Choose Events.mp4

77.7 KB

12. Complete Subscription.mp4

95.4 KB

13. Default Windows Vista and Newer Settings.mp4

88.0 KB

/.../1. Capstone Design Detect Defend/

1. Section 6 Capstone Design Detect Defend.mp4

4.6 MB

2. Capstone Overview.mp4

55.3 MB

3. Section 6 Continuous Monitoring and Security Operations Capstone.mp4

1.3 GB

 

Total files 972

