Course details

Intrusion Detection: Best Practices

Intrusion Detection: Best Practices


Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level



Overview/Description

Intrusion detection systems (IDS) allow you to monitor traffic and send alerts when abnormal activities have been detected. In this 14-video course, you will explore concepts of traffic analysis and IDS, including network forensic analysis, sniffing and sensors, signal and noise, and brute force analysis. To begin, you will examine approaches to network security through traffic analysis, then take a look at tools and techniques used by IDS. Learners will also explore the network forensic approach to computer networks; learn how to describe types of application controls that can be used for traffic analysis; placement and use of sniffing and IDS sensors; and examine concepts of signal and noise when it comes to network traffic analysis. You will learn how to perform IDS with Snort with a sample ruleset; configure Bro to detect common attack patterns; use Wireshark to inspect network packets; and perform nmap scans with methods to evade IDS detection. In the final tutorials, you will perform brute force analysis with nmap, and a mock denial of service (DoS) attack with nmap.



Expected Duration (hours)
0.8

Lesson Objectives

Intrusion Detection: Best Practices

  • discover the key concepts covered in this course
  • describe the approaches to network security through traffic analysis
  • describe the tools and techniques used by intrusion detection systems
  • describe the network forensic approach to computer networks
  • describe the types of application controls that can be used for traffic analysis
  • describe the placement and use of sniffing and IDS sensors
  • describe the concepts of signal and noise when it comes to network traffic analysis
  • perform IDS with Snort using a sample ruleset
  • configure Bro to detect a common attack pattern
  • use Wireshark to inspect network packets
  • perform nmap scans using methods to evade IDS detection
  • perform a brute force analysis with nmap
  • perform a mock DOS attack with nmap
  • summarize the key concepts covered in this course
  • Course Number:
    it_saidbpdj_01_enus

    Expertise Level
    Beginner