Cybersecurity: Prevention and Detection of Intrusions

Be prepared to deal with network security incidents.


overall satisfaction for this course

?Average calculated from scores obtained from 457 participants who took this course.
  • Duration 2 days
  • Regular fee 955
  • Preferential fee 860?
  • Locations
    • Montreal
  • Laboratory


To provide the knowledge and skills required to identify the various types of intrusions and attacks on TCP/IP networks as well as the mechanisms which can be used to detect them, and to choose among the available detection tools.

Targeted audience

Network specialists (other than DBAs) .


Knowledge of TCP/IP (Course RE102).

Customer Testimonials

The trainer was living up to his tasks. His experiences in the field have been useful for us.

Blaise A. / Administrateur de Réseau, GMCR Canada Holding


  • Uses of intrusion detection systems
  • Common security threats: examples and characteristics of certain attacks
  • Security problems with TCP/IP: fragmentation, ICMP, OS fingerprinting, DNS, denial of service, etc.
  • Principles of vulnerability identification, presentation of tools for detecting intrusions and analyzing vulnerability: commercial and free software, and examples of use (TCPdump, Wireshark, Snort 2.9.X, Kali, Nessus, DenyAll and Nikto)
  • Architecture of an intrusion detection system: IDS vs. IPS, physical and logical location in the network, system disturbance analysis and system abuse detection, alarms, logging, link with the security gateway (Firewall)
  • Errors to avoid, false positives and false negatives
  • Securing servers and workstations
  • Trace analysis
  • Autopsies (Forensic)
  • Managing security incidents: preparing an action plan for handling intrusions
  • Administering an intrusion detection system
  • Trace analysis case studies and exercises


*Unless stated otherwise, all sessions are in French.
  • Montreal

    May 27 to May 28 2019 - CONFIRMED

  • Montreal

    October 28 to October 29 2019

Trainer(s) assigned(s)