• Online, Instructor-Led
Course Description

Host-based and network-based intrusion detection systems (IDS): Tools for information security practitioners; examination of information sources, analysis schemes, and technical and legal issues.

Learning Objectives

  • Understand the TCP/IP communication model; the theory of bits, bytes, binary, and hexadecimal; the IP layer in both IPv4 and IPv6; and packet fragmentation in both.
  • Acquire a basic understanding of two traffic analysis tools, Wireshark and tcpdump.
  • Achieve a basic knowledge of open-source IDS tools, such as Snort and Bro.
  • Understand IDS versus IPS (Intrusion Prevention System).
  • Comprehend IDS evasion theory.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Operational Planning
  • Digital Forensics
  • Cybersecurity Management
  • Cyber Investigation
  • Threat Analysis