Continuous Monitoring with PowerShell

Focused View

Liam Cleary

3:38:10

92 View

1. Course Overview

1. Course Overview.mp4

02:39

02. Performing a Network Discovery

01. Agenda.mp4

00:54

02. Pinging Individual Networked Devices.mp4

09:02

03. Pinging Multiple Networked Devices.mp4

04:06

04. Demo - Ping Individual and Multiple Networked Devices.mp4

02:18

05. Demo - Ping Individual and Multiple Networked Devices Using .NET API.mp4

04:20

06. Demo - Ping Individual and Multiple Networked Devices Using CIM.mp4

01:51

07. Demo - Create Reusable Ping Function.mp4

06:57

08. Identifying Network Devices.mp4

03:48

09. Demo - Perform Name Resolution.mp4

04:21

10. Demo - Perform Name Resolution Using Nmap.mp4

02:05

11. Demo - Perform Name Resolution Using PowerShell.mp4

05:41

12. Creating an Asset List of Networked Devices.mp4

01:21

13. Demo - Create an Asset List of Networked Devices.mp4

08:47

14. Summary.mp4

00:54

3. Enumerating Services and Processes

1. Agenda.mp4

00:25

2. Identify Open Ports on Individual and Multiple Networked Devices.mp4

06:58

3. Demo - Create a Port [Echo] Server.mp4

07:45

4. Demo - Use the .NET API, Nmap, and a 3rd Party PowerShell Modules for Port Scanning.mp4

06:13

5. Identifying Running Processes and Services on Devices.mp4

04:10

6. Demo - Check for Running Services and Processes.mp4

06:16

7. Summary.mp4

00:43

4. Using the Common Information Model (CIM) Cmdlets to Inspect the Windows Operating System

1. Agenda.mp4

00:32

2. Using the Invoke-Command for Querying.mp4

01:07

3. Demo - Use the Invoke-Command.mp4

04:03

4. Understanding CIM PowerShell Commands.mp4

02:29

5. Using the Get-CimInstance and Invoke-CimMethod Comm.mp4

09:10

6. Summary.mp4

00:30

05. Collect Data from Multiple Machines for Analysis

01. Agenda.mp4

00:37

02. Understanding PowerShell Remoting.mp4

03:31

03. Demo - Enable PowerShell Remoting Using WS-MAN.mp4

05:44

04. Using SSH for Remoting to Windows and Linux.mp4

02:22

05. Demo - Prepare a Windows client and Ubuntu Linux for SSH Remoting, and Connect to Windows.mp4

06:40

06. Demo - Connect to a Linux Machine Using PowerShell Remoting Over SSH.mp4

04:22

07. Exporting Log Data from Remote Machines.mp4

05:23

08. Demo - Connect to a Windows Machine and Export Event Log Entries.mp4

09:06

09. Demo - Connect to a Linux Machine and Export Log Entries.mp4

08:03

10. Creating Scheduled Tasks Using PowerShell.mp4

03:06

11. Demo - Creating Scheduled Tasks Using PowerShell.mp4

12:25

12. Summary.mp4

00:35

06. Querying Exported Data for Process or Service Anomalies

01. Agenda.mp4

00:35

02. Analyzing Event Logs for Anomalies.mp4

05:52

03. Demo - Exporting and Querying Event Logs.mp4

06:26

04. Demo - Exporting Event Logs to CSV and XML.mp4

05:43

05. Writing Queries for Event Logs.mp4

03:47

06. Demo - Writing Queries Using FilterHashtable and Where-Object.mp4

05:25

07. Demo - Writing Queries Using FilterXML, FilterXPath, and More.mp4

07:20

08. Importing Event Log Entries into a Database.mp4

01:06

09. Demo - Import Event Log Entries into a Database.mp4

07:39

10. Demo - Query Event Log Entries in the Database and Re-import Entries.mp4

01:48

11. Summary.mp4

01:10

Description

PowerShell has many capabilities that support security management and analysis. This course will teach you how to continuously monitor network devices and computers using PowerShell.

What You'll Learn?

Security monitoring and management are key tasks that every security analyst needs to perform. To enhance this process, scripting languages can provide an easy mechanism for aggregating data and querying. In this course, Continuous Monitoring with PowerShell, you’ll learn how to use PowerShell to provide a querying solution for log data. First, you’ll understand how to query the network to create an asset list of devices. Next, you’ll discover how to use that asset list and perform a deeper inspection of the devices identifying ports, services,

processes, and endpoints. Next, you’ll learn how to use the Common Information Model (CIM) cmdlets and how they enhance the entire analysis process. Finally, you’ll learn how to remotely connect to devices, export log data, and perform security analysis. You will then automate this process by scripting it all together and creating a scheduled task. When you are finished with this course, you’ll have the skills and knowledge of using PowerShell to assist in continuously monitoring network devices and computers, for performing security analysis.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Network Monitoring

PowerShell

Liam Cleary

Instructor's Courses

Liam began his career as a trainer of all things computer-related. He quickly realized that programming, breaking, and hacking were much more fun. He spent the next few years working within core infrastructure and security services. He is the founder and owner of SharePlicity, a consulting company that focuses on all technology areas. His role within SharePlicity is to help organizations implement technology to enhance internal and external collaboration, document and records management, automate business processes, and security controls and protection. He is a Microsoft MVP and Microsoft Certified Trainer, focusing on architecture, security, and crossing the boundary into software development. Over the past few years, his specialty has been security in Microsoft 365 and its surrounding platforms. He can often be found at user groups or conferences, offering advice, spending time in the community, teaching his kids how to code, raspberry PI programming, hacking the planet, building Lego robots, or coaching soccer.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.