4 credit/unit hours – Four hours of lecture weekly; one term
Intrusion Detection/Prevention Systems are critical components of well-designed network architectures. These systems act as a line of defense, helping protect company assets from attacks.
In this course, students gain a thorough grounding in the design, implementation, and administration of IDSes/IPSes, as well as practical, hands-on experience working with them. In addition, students analyze various attack signatures and the network traffic these systems collect.
Upon completion of this course the student will be able to:
- Differentiate between host-based and network-based IDS solutions;
- Set up and administer an IDS/IPS in a working network;
- Dissect and analyze various types of normal and unusual traffic;
- Identify false positives and false negatives; and
- Demonstrate appropriate and ethical behavior and good work habits.
1.0 Network- and Host-Based IDS/IPS Solutions
2.0 Fundamentals of Traffic Analysis
3.0 Advanced Traffic Analysis
4.0 Working with Filters/Rules for Network Monitoring
5.0 Introduction to Network Security Monitoring
6.0 Analyzing and Deconstructing Attack Signatures