Host-based and network-based intrusion detection systems (IDS): Tools for information security practitioners; examination of information sources, analysis schemes, and technical and legal issues.
- Understand the TCP/IP communication model; the theory of bits, bytes, binary and hexadecimal; and the IP layer, both IPv4 and IPv6, including packet fragmentation in both.
- Acquire a basic understanding of two traffic analysis tools, Wireshark and tcpdump.
- Achieve a basic knowledge of open source IDS tools, such as Snort and Bro.
- Understand IDS versus IPS (Intrusion Prevention System).
- Comprehend IDS evasion theory.
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.