• Online, Self-Paced
Course Description

Recognizing an attack is in progress is critical to our job as a cyber defense analyst. This topic will review tools we use to provide intrusion detection and prevention.

Learning Objectives

  • Understand the role of Monitor in defending the network
  • Learn how Intrusion Detection/Protection Systems (IDS/IPS) work
  • Create new threat signatures for the IDS system
  • Understand the different types of Intrusion Detection systems
  • Understand the overall detection process and components involved
  • Think about the context need to move from IDS to NSM
  • Read and understand signatures for Snort
  • Develop new signatures for Snort

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • All-Source Analysis
  • Digital Forensics
  • Exploitation Analysis
  • Systems Architecture
  • Systems Requirements Planning