• Online, Self-Paced
Course Description

Recognizing that an attack is in progress is critical to our job as cyber defense analysts. This topic reviews the tools we use for intrusion detection and prevention.

Learning Objectives

  • Understand the role of Monitor in defending the network
  • Learn how Intrusion Detection/Protection Systems (IDS/IPS) work
  • Create new threat signatures for the IDS system
  • Understand the different types of Intrusion Detection systems
  • Understand the overall detection process and components involved
  • Think about the context needed to move from IDS to NSM
  • Read and understand signatures for Snort
  • Develop new signatures for Snort

Framework Connections