Catching the Hackers - Intro to Intrusion Detection Systems
Real-Time Tools and Methodologies for Discovering and Reacting to Network Intrusion Attempts

Class Focus and Features
This three-day seminar investigates the strengths and weaknesses of network- and host-based intrusion detection systems (IDS). You will explore the leading IDS products on the market today, including Cisco NetRanger, ISS RealSecure, NFR - Network Flight Recorder, Shadow (freeware), Tripwire Enterprise (and shareware), AXENT OmniGuard, Bellcore Sysguard, and more. You will compare insourcing and outsourcing options and gain the knowledge you need to make informed decisions about which is best suited to your organization. You will explore the pros and cons of perimeter defenses. A demo of hacker attack methods will illustrate port scans, buffer overruns, and other network assaults in action. When you leave this cutting-edge seminar, you will know where to position sensors and consoles; the types of responses you will receive; and how to react to alerts using industry-standard IDS countermeasures.

Who Should Attend
CIOs; Information Security Officers; Information Technology Managers, Administrators, and Auditors; Telecommunications and Network Administrators; Consultants; Systems and Data Security Analysts; Project Managers; and Technology Planners

You will receive a Network Intrusion Defense Kit on diskette.
Course Fee: $1,325
Time: 8:00am - 5pm
Location: Click here to view the course schedule
Learning Level: Intermediate
Prerequisites: Knowledge of TCP/IP and networking
CPE Credits: 24
Instructor: Sondra J. Schneider, Founder and CEO

What You Will Learn

1. Introduction to IDS
• defining the role of intrusion detection in your overall network security program: IDS vs. firewalls
• strengths and weaknesses of host-based and network-based IDS

2. Comparing IDS Solutions
• Cisco's NetRanger
• NFR Flight Recorder
• ISS RealSecure SAFEsuite
• Shadow
• Tripwire Enterprise
• NAI Cybercop
• AXENT OmniGuard and Intruder Alert
• Dragon/Enterasys
• CyberSafe Centrax
• freeware/shareware tools for intrusion detection solutions

3. Insourcing vs. Outsourcing Options

4. Implementing IDS
choosing an intrusion detection system
• host-based and network-based IDS
• key attributes of IDS
• placement determination
• who administers the IDS
• integrating IDS and firewalls

IDS and threat management: staff roles
• clearly define responsibilities
• law enforcement contact
• overall coordinator
• documentation
• logging

the role of IDS in threat management
• forensic gathering tool
• early-warning system
• escalation procedures
• document security policy and procedures
• defining the scope of incidents to be managed
IDS alarm severity level definitions
incident response sources
integrating IDS and firewalls
IDS case studies: insourcing vs. outsourcing
developing an effective incident response capability

5. Reacting to Threats
monitoring traffic
sending an alert: console, audible, pager, E-mail
taking action based on policy
forcing the session to disconnect
blocking all network access from the attacking source
blocking all network access
incident response resources

6. Validating the Threats: Hacker Attack Methods
hacker attacks: a demo
mapping networks
access points
relationships between systems
• physical and logical locations of systems
• types of systems
• system configuration
• services offered
• user information
security mechanisms
filtering rules
routing information
active attacks
• bug exploitation
• buffer overruns
• race condition
• trust exploitation
• denial of service
• social engineering
• physical access

7. Essential Tools and Resources

8. What You Can Expect in the Future

*Course fees are subject to change


Copyright © 2017 Security University, Inc. All rights reserved.