4 credit/unit hours – Four hours of lecture weekly; one term

Intrusion Detection/Prevention Systems are critical components of well-designed network architectures. These systems act as a line of defense, helping protect company assets from attacks.

In this course, students gain a thorough grounding in the design, implementation, and administration of IDSes/IPSes, as well as practical, hands-on experience working with them. In addition, students analyze various attack signatures and the network traffic these systems collect.

Learning Objectives

Upon completion of this course the student will be able to:

  • Differentiate between host-based and network-based IDS solutions;
  • Set up and administer an IDS/IPS in a working network;
  • Dissect and analyze various types of normal and unusual traffic;
  • Identify false positives and false negatives; and
  • Demonstrate appropriate and ethical behavior and good work habits.

Main Topics

1.0 Network- and Host-Based IDS/IPS Solutions
2.0 Fundamentals of Traffic Analysis
3.0 Advanced Traffic Analysis
4.0 Working with Filters/Rules for Network Monitoring
5.0 Introduction to Network Security Monitoring
6.0 Analyzing and Deconstructing Attack Signatures