Students in the ALA Course learn to analyze log files, an essential step in the process of reviewing evidence. They examine techniques for searching and filtering binary logs; for formatting log data; for extracting data from log files, including data transfers found in captured network traffic; and for identifying the artifacts associated with different stages of a network intrusion. Practical exercises reinforce material covered in lecture and class discussion, and give students hands-on experience with log file analysis.
COURSE LEVEL
• Discuss the process of log analysis
• Filter and search both text and log files
• Extract elements of data from individual log entries
• Format and display log data in various ways
• Extract data transfers of different types from captured network traffic
• Describe and define intrusion detection
• Identify log-based artifacts associated with the different stages of a network intrusion
The materials within this course focus on the Knowledge, Skills, and Abilities (KSAs) identified within the Specialty Areas listed below.