Intrusion Detection Training

This Intrusion Detection Training delivers the technical knowledge, insight, and hands-on training you need to defend your network with confidence. You will learn about the underlying theory of TCP/IP and the most used application protocols, such as HTTP, so that you can intelligently examine network traffic for signs of an intrusion. You will get plenty of practice learning to configure and master different open-source tools like tcpdump, Wireshark, Snort, Bro, and many more.

Our goal in Intrusion Detection Training is to acquaint you with the core knowledge, tools, and techniques to defend your networks. The training will prepare you to put your new skills and knowledge to work immediately upon returning to a live environment.

Intrusion Detection Training Duration: 5 days

CUSTOMIZE IT
  • We can adapt this Intrusion Detection course to your group’s background and work requirements at little to no added cost.
  • If you are familiar with some aspects of this Intrusion Detection course, we can omit or shorten their discussion.
  • We can adjust the emphasis placed on the various topics or build the Intrusion Detection Course around the mix of technologies of interest to you (including technologies other than those included in this outline).
  • If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Intrusion Detection course in a manner understandable to lay audiences.
AUDIENCE/TARGET GROUP

The target audience for this Intrusion Detection course:

  • Network administrators, operators, and engineers responsible for managing the normal day-to-day operation and administration of BIG-IP Access Policy Manager
CLASS PREREQUISITES

The knowledge and skills that a learner must have before attending this Intrusion Detection course are:

  • Common Security and Network terminology
  • TCP/IP addressing, routing, and internetworking concepts
Intrusion Detection Training - OBJECTIVES

Upon completing this Intrusion Detection course, learners will be able to meet these objectives:

  • How to analyze traffic traversing your site to avoid becoming another “Hacked!” headline
  • How to place, customize, and tune your IDS/IPS for maximum detection
  • Hands-on detection, analysis, and network forensic investigation with a variety of open-source tools
  • TCP/IP and common application protocols to gain insight about your network traffic, enabling you to distinguish normal from abnormal traffic
  • The benefits of using signature-based, flow, and hybrid traffic analysis frameworks to augment detection
Intrusion Detection Training - COURSE SYLLABUS
  • Traffic Analysis Fundamentals
  • Traffic Analysis and application controls
  • Network monitoring
  • Network traffic forensics
  • Open-Source IDS: Snort and Bro
  • Network Traffic Forensics and Monitoring
  • Configure and run open source Snort and write Snort signatures
  • Configure and run open source Bro to provide a hybrid traffic analysis framework
  • Understand TCP/IP component layers to identify normal and abnormal traffic
  • Use open source traffic analysis tools to identify signs of an intrusion
  • Comprehend the need to employ network forensics to investigate traffic to identify a possible intrusion
  • Use Wireshark to carve out suspicious file attachments
  • Write tcpdump filters to selectively examine a particular traffic trait
  • Craft packets with Scapy
  • Use the open source network flow tool SiLK to find network behavior anomalies
  • Use your knowledge of network architecture and hardware to customize placement of IDS sensors and sniff traffic off the wire
Intrusion Detection Training Course Wrap-Up
