ITEC2410 — Intrusion Detection & Prevention Systems
Academic Division: Business, Industry and Technology Academic Discipline: Information Technology Assistant Dean: Vincent Palombo PhD 3 Credit(s) This course presents an overview to Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) and an introduction to the security tools used to implement these technologies. Deploying an IDS/IPS on a network and tuning the platform to work in conjunction with network traffic flow will be demonstrated. Students will learn the role of an IDS/IPS in the network and how to deploy these technologies to operate effectively. UG 2 Lab Hour(s) 2 Lecture Hour(s); Required Compare and contrast intrusion detection systems/network security monitoring versus intrusion prevention systems. Part 1: Weeks 1-4 tests, labs, midterm and final exam. 2. Plan and build a senor platform. Part 1: Weeks 3-4 tests, labs, midterm and final exam. 3. Compare and contrast full packet captures versus string data captures. Part 1: Week 5 tests, labs, midterm and final exam. 4. Describe detection mechanisms, indicators of compromise, and signatures. Part 2: Weeks 6-8 tests, labs, midterm, and final exam. 5. Demonstrate the installation, configuration, and use of detection applications for a given set of conditions. Part 2: Weeks 8-10 tests, labs, midterm and final exam. 6. Describe how to use Canary honeypots for detection. Part 2: Week 11 tests, labs, and final exam. 7. Compare and contrast packet analysis applications. Part 3: Weeks 12-15 tests, labs,
Prerequisites: ITEC1430, ITEC1650