Course Description
Recognizing that an attack is in progress is critical to our job as cyber defense analysts. This topic will review the tools we use for intrusion detection and prevention.
Learning Objectives
- Understand the role of Monitor in defending the network
- Learn how Intrusion Detection/Prevention Systems (IDS/IPS) work
- Create new threat signatures for the IDS
- Understand the different types of Intrusion Detection systems
- Understand the overall detection process and components involved
- Think about the context needed to move from IDS to NSM
- Read and understand signatures for Snort
- Develop new signatures for Snort