IDS III: On-site Log Analysis, Event Correlation and Response (Custom) Certification Class
Real-Time Tools and Methodologies for Discovering and Reacting to Network Intrusion Attempts
This 72 hour class investigates how to strengthen network- and host-based intrusion detection systems (IDS). You will explore the leading IDS products on the market today, including Cisco, ISS real secure, SNORT, Tripwire Enterprise (and shareware) and more. You will compare managed services to make informed decisions about which is best suited to your organization. You will explore the pros and cons of perimeter defenses and deep internal defenses. Hacker attack labs will enrich your skills of port scanning, exploit buffer overruns, and other network assaults in action. When you leave this cutting-edge seminar, you will know where to position sensors and consoles; the types of responses you will receive; and how to react to alerts using industry-standard IDS countermeasures. Bonus: You will receive a Network Intrusion Defense Kit drive.
| Class Fee: | $3,990 |
| Time: | 72 hrs |
| Learning Level: | Advanced |
| Contact Hours: | 37 hr Lecture 35 hr labs |
| Prerequisites: | Basic competency with TCP/IP & Linux. |
| Credits: | 72 CPE / 3 CEU |
| Method of Delivery: | Residential (100% face-to-face) or Hybrid |
| Instructor: | TBD |
| Method of Evaluation: | 95 % attendance 2. 100 % completion of Lab |
| Grading: | Pass = Attendance+ labs & quizzes Fail > 95% Attendance |
Sample Job Titles:
Information Assurance (IA) Architect
Information Security Architect
Information Systems Security Engineer
Network Security Analyst
Research & Development Engineer
Security Architect/ Security Engineer
Security Solutions Architect
Systems Engineer/ Systems Security Analyst
This 72 hour accelerated class is taught using face to face modality or hybrid modality. Class includes 72 hours of contact studies, labs, reading assignments and final exam - passing the final exam is a requirement for graduation.
KU Outcomes
- Students will be able to write a system incidence response policy.
- Students will be able to describe and write various risk analysis methodologies.
- Students will be able to evaluate and categorize risk 1) with respect to technology; 2) with respect to individuals, and 3) in the enterprise, and recommend appropriate responses.
- Students will be able to compare the advantages and disadvantages of various risk assessment methodologies
- Students will be able to select the optimal methodology based on needs, advantages and disadvantages.
Who Should Attend:
CIO's; Information Security Officers; Information Technology Managers, administrators, and Auditors; Telecommunications and Network Administrators; Consultants; Systems and Data Security Analysts; Project Managers; and Technology Planners
Grades - All students must ordinarily take all quizzes, labs, final exam and submit the class practical in order to be eligible for a Q/ISP, Q/IAP, Q/SSE, or Q/WP credential unless granted an exception in writing by the President. Know that Q/ISP classes draws quite the spectrum of students, including "those less comfortable," "those more comfortable," and those somewhere in between. However, what ultimately matters in this course is not so much where you end up relative to your classmates but where you end up relative to yourself in on Friday of class. The course is graded as a pass or fail solely on your attendance and participation. Those less comfortable and somewhere in between are not at a disadvantage vis-à-vis those more comfortable. Escalating labs help you prepare for real world scenarios. Each labs escalates upon itself, increasing in intensity, rising to the next level, while your mitigating the threat step by step.
Books - No books are required for this course. However, you may want to supplement your preparation for or review of some lectures with self-assigned readings relevant to those lectures' content from either of the books below
