Official Course Description: MCCCD Approval: 07/22/08 | |||
---|---|---|---|
ITS230 20056-20086 | L+L | 3 Credit(s) | 4 Period(s) |
Deploying Snort Intrusion Detection System (IDS) | |||
Intrusion Detection System (IDS). Examination of network intrusion detection concepts, principles and practices. Study of the mechanics and behaviors of Transmission Control Protocol/Internet Protocol (TCP/IP). Creation of filters and rules for network monitoring. Analysis of packet structure. Evaluation of intrusion detection system architectures. Detection and analysis of scans, vulnerabilities, exploits, and attacks. Identification of countermeasures. Architectural considerations for intrusion detection systems. | |||
Prerequisites: ITS110 or permission of Instructor. | |||
MCCCD Official Course Competencies: | |
---|---|
ITS230 20056-20086 | Deploying Snort Intrusion Detection System (IDS) |
1. | Explain the mechanics and behavior of TCP/IP. (I, II, III, IV) |
2. | Capture and analyze packets. (V, VI, VII) |
3. | Create, apply, and evaluate the effectiveness of filters and rules for network monitoring. (VIII, IX) |
4. | Interpret common log files. (IX) |
5. | Detect, analyze, and identify countermeasures against reconnaissance activities. (X) |
6. | Detect, analyze, and identify countermeasures against common vulnerabilities, exploits and attacks. (XI, XII) |
7. | Evaluate and design intrusion detection system architectures. (XIII) |
8. | Describe Snort system installation requirements. (XIV) |
9. | Install Snort. (XV) |
10. | Describe how Snort works. (XVI) |
11. | Configure Snort in Network Environment. (XVII, XVIII, XIX) |
12. | Describe key elements of Snort audits and alerts. (XX) |
13. | Discuss the basics of how to update and optimize Snort. (XXI, XXII) |
14. | Describe the use of Barnyard and Active Response. (XXIII, XXIV) |
MCCCD Official Course Outline: | |
---|---|
ITS230 20056-20086 | Deploying Snort Intrusion Detection System (IDS) |