Intrusion Detection Training
Intrusion Detection Labs develop the skills required to monitor events that occur on a computer network and to review and interpret captured traffic for signs of incidents that could be considered an imminent threat or a violation of security policies, standard security practices, or acceptable use policies.
Training Formats: Instructor-Led, Self-Paced
Duration: 3 Days
Protocol Analysis Labs develop skills required to use a network protocol analyzer to examine network traffic, discover malicious activity, and report their findings.
Activities/Labs:
- Lab Environment Orientation
- Applying Filters to TCPDump and Wireshark
- Assessing Vulnerabilities Post Addresses
- Comprehensive Threat Response
- Create Custom Snort Rules
- Creating Recommendations Based on Vulnerability Assessments
- Gap Analysis of Firewall Rules
- Identify Whether High-Risk Systems Were Affected
- IDS Setup and Configuration
- Incident Detection and Identification
- Monitoring for False Positives
- Monitoring Network Traffic
- Network Discovery
- Network Segmentation (FW/DMZ/WAN/LAN)
- Network Topology Generation
- Open and Close Ports on Windows 7
- Recover from Incident
- Searching for Indicators of Compromise
- Using Snort and Wireshark to Analyze Traffic
- Vulnerability Analysis/Protection