中This is the sixth course in the Google Cybersecurity Certificate. Learners will focus on incident detection and response. They will learn what defines a security incident and explain the incident response lifecycle, including the roles and responsibilities of incident response teams. Learners will analyze and interpret network communications to detect security incidents using packet sniffing tools to capture network traffic. By assessing and analyzing artifacts, learners will explore the incident investigation and response processes and procedures. Additionally, they will develop a conceptual overview of log data and their role in intrusion detection systems (IDS) and Security Information Event Management (SIEM) tools. Learners who complete this certificate will be equipped to apply for entry-level cybersecurity roles. No previous experience is necessary.
您将学到什么
Identify the steps to contain, eradicate, and recover from an incident
Analyze packets to interpret network communications
Understand basic syntax, components of signatures and logs in Intrusion Detection Systems (IDS) and Network Intrusion Detection Systems (NIDS) tools
Perform queries in Security Information and Event Management (SIEM) tools to investigate an event
您将获得的技能
要了解的详细信息
添加到您的领英档案
25 项作业
了解顶级公司的员工如何掌握热门技能
积累 Computer Security and Networks 领域的专业知识
- 向行业专家学习新概念
- 获得对主题或工具的基础理解
- 通过实践项目培养工作相关技能
- 通过 Google 获得可共享的职业证书
该课程共有4个模块
This module provides an overview of detection and incident response. Learners will explore how security professionals verify and respond to malicious threats. Learners will also become familiar with the steps involved in incident response. This overview will be the foundation for the next module.
涵盖的内容
12个视频7篇阅读材料6个作业1个插件
In this module, learners will be provided with an overview of network analysis tools more commonly referred to as “packet sniffers”. In particular, learners will sniff the network and analyze packets for malicious threats. Learners will also craft common filtering commands in both tcpdump and Wireshark to analyze the contents of packet capture.
涵盖的内容
9个视频10篇阅读材料5个作业4个应用程序项目
In this module, Learners will explore the various processes and procedures in the stages of incident detection, investigation, analysis, and response as framed by NIST. They will utilize VirusTotal as an investigative tool to analyze the details of suspicious file hashes. Learners will recognize the importance of documentation and evidence collection during the detection and response stages. Finally, learners will approximate an incident’s chronology by mapping artifacts to reconstruct an incident’s timeline.
涵盖的内容
11个视频11篇阅读材料7个作业2个插件
In this module, learners will be provided with a conceptual overview of logs and their role in intrusion detection systems (IDSs) and Security Information and Event Management tools (SIEMs). The module will discuss the general concept of an IDS and how it works to detect attacks before highlighting specific IDS and SIEM products, such as Suricata, Splunk, Google SecOps (Chronicle), and Wazuh, respectively. Learners will then develop an understanding of how to access and navigate within Suricata and how basic rules are set up to provide alerts, events, and logs for malicious network traffic. This module will conclude with an introduction to Splunk, Google SecOps (Chronicle), and Wazuh, and will showcase some of their features, including common commands for search queries.
涵盖的内容
14个视频13篇阅读材料7个作业2个应用程序项目2个插件
获得职业证书
将此证书添加到您的 LinkedIn 个人资料、简历或履历中。在社交媒体和绩效考核中分享。
位教师
提供方
从 Computer Security and Networks 浏览更多内容
状态:免费试用
状态:免费试用
状态:免费试用Cisco Learning and Certifications
人们为什么选择 Coursera 来帮助自己实现职业发展
学生评论
3,194 条评论
- 5 stars
84.33%
- 4 stars
11.28%
- 3 stars
2.97%
- 2 stars
0.68%
- 1 star
0.71%
显示 3/3194 个
已于 Jul 11, 2024审阅
I loved this coursed and learned so much. The only thing I would have liked to see is if the all of the SIEM tools were integrated into a lab like many of the other labs are directly in the courses.
已于 May 8, 2025审阅
The professor’s teaching is excellent, making complex topics easy to understand. The study material provided is also awesome and very helpful for learning. Highly recommended!
已于 Oct 16, 2023审阅
Learnt a lot about SIEM tools and much more that are all ready to be applied in the job. Thanks a lot to Google and Coursera for such a wonderful session.
常见问题
To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.
When you enroll in the course, you get access to all of the courses in the Certificate, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.
更多问题
提供助学金,