SECOPS: Data Normalization and 5-Tuple Correlation

SECOPS: Data Normalization and 5-Tuple Correlation

Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level

Overview/Description

Explore the concept of data normalization and why it should be used. Discover 5-Tuple, how it correlates in events, and how it can be used to identify compromised hosts in logs.

Expected Duration (hours)
0.6

Lesson Objectives

SECOPS: Data Normalization and 5-Tuple Correlation

describe the process of normalization, why it's required, and how to give data values a universal format for data analysis

describe 5-Tuple, how it correlates in events, and how it can be used to isolate and identify a compromised host in logs

Course Number:
it_secopstv_18_enus

Expertise Level
Intermediate