• Online, Self-Paced
Course Description

Intrusion prevention helps detect and stop various attacks that other security components may miss. In this 13-video course, learners explore the objectives and tools of intrusion prevention, including kernel attack prevention, vulnerability discovery, remediation strategies, scan detection, and evasion techniques. Begin by examining approaches to intrusion prevention systems (IPS) and how they differ from intrusion detection systems (IDS). Then take a look at options and deployment strategies for IPS, discover the advantages and disadvantages of various approaches to IPS, and view the role of IPS in preventing kernel attacks. Explore the methods used to discover vulnerabilities and the remediation strategies related to intrusions. Next, learn how to block an attacker after too many failed login attempts, how to describe methods used in IPS to evade intrusions, and how to use tools, including netstat, to scan for potential intrusions on a local system. In the final two tutorials in this course, you will scan a system for potential malware infections using nmap and use Suricata to implement a packet diversion for intrusion prevention.

Learning Objectives

Discover the key concepts covered in this course

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Defense Analysis
  • Cyber Defense Infrastructure Support
  • Cyber Operational Planning
  • Cyber Operations
  • Cybersecurity Management

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.