Intrusion Detection Training In-Depth Course Hands-on
Intrusion Detection Training In-Depth delivers the technical knowledge, insight, and hands-on training you need to defend your network with confidence. You will learn about the underlying theory of TCP/IP and the most used application protocols, such as HTTP, so that you can intelligently examine network traffic for signs of an intrusion. You will get plenty of practice learning to configure and master different open-source tools like tcpdump, Wireshark, Snort, Bro, and many more.
Our goal in Intrusion Detection Training In-Depth is to acquaint you with the core knowledge, tools, and techniques to defend your networks. The training will prepare you to put your new skills and knowledge to work immediately upon returning to a live environment.
Duration: 5 days
• We can adapt this Intrusion Detection Training course to your group’s background and work requirements at little to no added cost.
• If you are familiar with some aspects of this Intrusion Detection Training course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the Intrusion Detection Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Intrusion Detection Training course in a manner understandable to lay audiences.
Audience / Target Group
The target audience for this Intrusion Detection Training course is defined here:
• Network administrators, operators, and engineers responsible for managing the normal day-to-day operation and administration of BIG-IP Access Policy Manager
The knowledge and skills that a learner must have before attending this Intrusion Detection Training course are:
• Common Security and Network terminology
• TCP/IP addressing, routing, and internetworking concepts
Intrusion Detection Training - Objectives:
After completing this Intrusion Detection Training In-Depth course, attendees will have learned:
• How to analyze traffic traversing your site to avoid becoming another "Hacked!" headline
• How to place, customize, and tune your IDS/IPS for maximum detection
• Hands-on detection, analysis, and network forensic investigation with a variety of open-source tools
• TCP/IP and common application protocols to gain insight about your network traffic, enabling you to distinguish normal from abnormal traffic
• The benefits of using signature-based, flow, and hybrid traffic analysis frameworks to augment detection
Intrusion Detection Training - Course Content:
Traffic Analysis Fundamentals
Traffic Analysis and application controls
Network traffic forensics
Open-Source IDS: Snort and Bro
Network Traffic Forensics and Monitoring
Configure and run open-source Snort and write Snort signatures
Configure and run open-source Bro to provide a hybrid traffic analysis framework
Understand TCP/IP component layers to identify normal and abnormal traffic
Use open-source traffic analysis tools to identify signs of an intrusion
Comprehend the need to employ network forensics to investigate traffic to identify a possible intrusion
Use Wireshark to carve out suspicious file attachments
Write tcpdump filters to selectively examine a particular traffic trait
Craft packets with Scapy
Use the open-source network flow tool SiLK to find network behavior anomalies
Use your knowledge of network architecture and hardware to customize placement of IDS sensors and sniff traffic off the wire