Intrusion Detection: Best Practices

Intrusion Detection: Best Practices

• discover the key concepts covered in this course
• describe the approaches to network security through traffic analysis
• describe the tools and techniques used by intrusion detection systems
• describe the network forensic approach to computer networks
• describe the types of application controls that can be used for traffic analysis
• describe the placement and use of sniffing and IDS sensors
• describe the concepts of signal and noise when it comes to network traffic analysis
• perform IDS with Snort using a sample ruleset
• configure Bro to detect a common attack pattern
• use Wireshark to inspect network packets
• perform nmap scans using methods to evade IDS detection
• perform a brute force analysis with nmap
• perform a mock DOS attack with nmap
• summarize the key concepts covered in this course

Intrusion detection systems allow you to monitor traffic and send alerts when abnormal activities have been detected. Explore the concepts of traffic analysis and intrusion detection systems, including network forensic analysis, sniffing and sensors, signal and noise, and brute force analysis. Discover how to work with Snort, Bro, and Wireshark to perform intrusion detection, as well as how to evade detection with nmap.