Rouse Company Foundation Student Services Building

CMSY-164 Introduction to Intrusion Detection and Prevention Systems

From this introduction to intrusion detection and prevention systems (IDPS), students will develop a solid foundation for understanding IDPS and how they function. This course will give students a background in the technology of detecting network attacks. It will introduce all the concepts and procedures used for IDPS. Students will have hands-on experience with implementing and configuring software-and hardware-based IDPS in a network infrastructure. This course is designed with a network administrator in mind. A student with a fairly extensive background in network administration or a computer professional with an MCSE or equivalent would have adequate background knowledge for waiver.

Credits

3

Prerequisite

CMSY-162 or CMSY-163

Hours Weekly

2 hours lecture, 2 hours lab weekly

Course Objectives

  1. 1. Define what an IDPS is and how it functions.
  2. 2. Determine where IDPS should be placed in a network.
  3. 3. Employ a packet sniffer and identify the critical parts of a TCP/IP packet.
  4. 4. Identify attack signatures and relate them to specific attacks.
  5. 5. Identify false-positives and false-negatives, and have the ability to determine what causes them.
  6. 6. Define and identify the different types of IDPS.
  7. 7. Build and implement an open source IDPS system.

Course Objectives

  1. 1. Define what an IDPS is and how it functions.
  2. 2. Determine where IDPS should be placed in a network.
  3. 3. Employ a packet sniffer and identify the critical parts of a TCP/IP packet.
  4. 4. Identify attack signatures and relate them to specific attacks.
  5. 5. Identify false-positives and false-negatives, and have the ability to determine what causes them.
  6. 6. Define and identify the different types of IDPS.
  7. 7. Build and implement an open source IDPS system.