• Online, Instructor-Led
Course Description

Host-based and network-based intrusion detection systems (IDS): tools for information security practitioners; examination of information sources, analysis schemes, and technical and legal issues.

Learning Objectives

  • Understand the TCP/IP communication model; the theory of bits, bytes, binary, and hexadecimal; and the IP layer, covering both IPv4 and IPv6 and packet fragmentation in each.
  • Acquire a basic understanding of two traffic analysis tools, Wireshark and tcpdump.
  • Achieve a basic knowledge of open source IDS tools, such as Snort and Bro.
  • Understand IDS versus IPS (Intrusion Prevention System).
  • Comprehend IDS evasion theory.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.