Today’s networks need to be secured from both internal and external threats. You’ll learn the key differences between intrusion detection and intrusion prevention. Proper intrusion detection helps a network administrator establish not only where the attempted breach originates but also the tool or tools used. As part of your detection efforts, you can implement an intrusion prevention system that will monitor network traffic and adjust or reject dangerous traffic.
You’ll also work to set up and test a working intrusion detection system using Snort IDS, an industry standard open-source product. You’ll learn about:
- installing and configuring Snort
- monitoring and reporting using Snort
- using Snort as a detection system
- Snort rules, setup and maintenance
Recommended: CCTM390 Vulnerability Assessment, equivalent courses or practical experience.