Deploy IDS/IPS and analyze attacks to secure systems
Digitization makes things easier, but it also opens up loopholes in the integrity of systems. Not anticipating them means putting the company's and its customers' data at risk... and therefore its credibility.
Is it for you?
Network specialists (other than DBAs).
Prerequisites
Knowledge of TCP/IP (Course RE102).
What You'll Walk Away With
- ✓ Identify threats and understand common network attack techniques
- ✓ Deploy IDS/IPS systems and design their placement within network architecture
- ✓ Use analysis and detection tools (Wireshark, Snort, Nessus, Kali)
- ✓ Analyze traffic traces and detect anomalies, false positives, and false negatives
- ✓ Develop incident response plans and manage security incidents effectively
Training content
- Uses of intrusion detection systems
- Common security threats: examples and characteristics of certain attacks
- Security problems with TCP/IP: fragmentation, ICMP, OS fingerprinting, DNS, denial of service, etc.
- Principles of vulnerability identification; presentation of tools for detecting intrusions and analyzing vulnerabilities: commercial and free software, with examples of use (tcpdump, Wireshark, Snort 2.9.X, Kali, Nessus, DenyAll and Nikto)
- Architecture of an intrusion detection system: IDS vs. IPS, physical and logical location in the network, system disturbance analysis and system abuse detection, alarms, logging, link with the security gateway (firewall)
- Errors to avoid, false positives and false negatives
- Securing servers and workstations
- Trace analysis
- Autopsies (forensics)
- Managing security incidents: preparing an action plan for handling intrusions
- Administering an intrusion detection system
- Trace analysis case studies and exercises.
📌 Practical information
Our training sessions are offered in Montreal or Quebec City, in person or in a virtual classroom. Dates and locations are specified when you select your session below. If you have any questions, check out our FAQ.