TryHackMe Advent of Cyber 2023 Day 13 | Intrusion Detection

It's Day 13 of the Advent of Cyber 2023! Intrusion detection and prevention is a critical component of cyber security aimed at identifying and mitigating threats. When set up early, intrusion detection becomes a proactive security measure. However, in our story, the Best Festival Company has to develop ways to improve their security, given the magnitude of the recent breaches. In this epic task, we'll embark on a thrilling journey through fundamental concepts, detection strategies, and the application of the Diamond Model of Intrusion Analysis in defensive security. Get ready to learn to understand incident analysis through the Diamond Model, identify defensive strategies that can be applied to the Diamond Model, and learn to set up firewall rules and a honeypot as defensive strategies! If you enjoy my TryHackMe videos and are interested in signing up for a subscription, use my affiliate link, I highly appreciate it! https://tryhackme.com/signup?referrer=603aa8c1190a0a7c5296510f https://tryhackme.com/room/adventofcyber2023 UFW Command Cheatsheet: https://www.instagram.com/p/CzH22T9AEfY/ PenTBox: https://github.com/technicaldada/pentbox NMAP Cheatsheet: https://cdn.comparitech.com/wp-content/uploads/2019/06/Nmap-Cheat-Sheet-1.webp All my TryHackMe Room Walkthroughs: https://www.youtube.com/playlist?list=PLw78nfbi6DWicitiVxtPdaMDfnawOWQe0 00:00 - Advent of Cyber Day 13 Intro 02:53 - Incident Analysis with the Diamond Model 08:45 - Defensive Strategies with the Diamond Model 12:33 - Fundamentals of Firewalls 16:12 - How to Configure an Uncomplicated Firewall (UFW) 21:50 - Fundamentals of Honeypots 22:56 - How to Configure the PenTBox Honeypot 26:47 - Van Twinkle's Challenge #tryhackme #adventofcyber **Below you'll find what are known as affiliate links. These are links to things that I actually use and recommend. If you buy them, I will receive a super small kickback that helps support this channel and the giveaways I do on social media. Thanks!!** (YouTube Gear, IT Devices, Books, Pre-workout I use...STUFF I 100% RECOMMEND) Here is the Azure Networking fundamentals book I used to help pass the AZ-700 (Affiliate Link): https://amzn.to/3lPb4na Here is the Comptia Pentest+ training book bundle I used to pass the new PenTest+. (Affiliate Link) - https://amzn.to/3A9X8Hx Network+ Study Guide that I co-authored: https://amzn.to/2vTODU2 ECAMM Live Recording Software : https://www.ecamm.com/mac/ecammlive/?fp_ref=john57 Amazon Affiliate Store: https://www.amazon.com/shop/jbizzle703 ---------------------------------------------------------------------------------------------------------------------------------------- Subscribe to our monthly newsletter and blog notifications 👍 https://mailchi.mp/e7b56addb7fc/cybersightblog C-----Y-----B-----E-----R-----I-----N-----S-----I-----G-----H-----T J.B.C.'s Site ▶️https://www.jbcsec.com/insights Swag Store ▶️ https://www.teepublic.com/user/jbc Twitter ▶️ http://www.twitter.com/JBC_SEC Author ▶️ https://twitter.com/JBizzle703 IG ▶️https://www.instagram.com/realcyberinsight/ ----------------------------------------------------------------------------------------------------------------------------------------