Advanced Intrusion Detection and Response

In this course students learn the steps of the incident handling process, the factors that influence incident response and a "pre-incident" response strategy. The course covers the typical flow of an attack and teaches the students to recognize steps normally seen in attack signatures and prior to a successful compromise of a system. Topics such as functional components of CIDF, intrusion signature categories and hackers response to IDS give students the knowledge necessary to effectively detect incidents. Students learn how to reduce false positives from damage assessment and identify the perpetrator during the response phase of investigations. Students learn forensic policy and procedures that are critical to their success in real world security issues and how to maintain the integrity of their incident response.
Students should successfully complete ProTech's Active Defense of Enterprise Networks course and the Active Defense Advanced Security Tools course.
5 Days/Lecture & Lab
This course is intended for IT Professionals responsible for the security of computer networks as well as Managers of IT Professionals.
Functional Components of CIDF::Intrusion Signature Categories::Hackers Response to IDS

Related Scheduled Courses