Course Code: IFIS/SCI/CS001
About this Course
This course delivers the technical knowledge, insight, and hands-on training you need to defend your network with confidence. You will learn about the underlying theory of TCP/IP and the most used application protocols, such as DNS and HTTP, so that you can intelligently examine network traffic for signs of an intrusion. You will get plenty of practice learning to master different open source tools like tcpdump, Wireshark, Snort, Bro, tshark, and SiLK.
Requirements for this course
Prior condition for this course
Students must have at least a working knowledge of TCP/IP and hexadecimal.
In this course, you will learn;
- Configure and run open source Snort and write Snort signatures
- Configure and run open source Bro to provide a hybrid traffic analysis framework
- Understand TCP/IP component layers to identify normal and abnormal traffic
- Use open source traffic analysis tools to identify signs of an intrusion
- Comprehend the need to employ network forensics to investigate traffic to identify a possible intrusion
- Use Wireshark to carve out suspicious file attachments
- Write tcpdump filters to selectively examine a particular traffic trait
- Craft packets with Scapy
- Use the open source network flow tool SiLK to find network behavior anomalies
- Use your knowledge of network architecture and hardware to customize placement of IDS sensors and sniff traffic off the wire
- Intrusion detection, systems and security analysts
- Network engineers/ administrators
- Hands-on security managers
Duration and Fees
Duration: 2 days
You will be required to also pay $20 and this fee will get you buffet, refreshments like water and sodas, fruits and tea if needed for the 2 days you will be training with us. Note that you can choose not to pay this fee and you will not have the above or pay for specific days, each day is $10.