Course Overview:
Intrusion Analyst is a hands-on course that covers intrusion detection in-depth. This includes concepts such as the use of Snort, network traffic analysis, and IDS signatures.
A skills focus enables the student to better absorb the subject matter and perform successfully on the job. This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of packet and intrusion analysis.
Attendees to TN-979: Intrusion Analyst will receive TechNow approved course materials and expert instruction.
Date/Locations:
No Events
Duration: 5 days
Course Objectives:
- Advanced Snort Concepts
- Analyst Toolkit
- Domain Name System (DNS)
- Examining Packet Crafting
- Examining Packet Header Fields
- Fragmentation
- ICMP Theory
- IDS Interoperability
- IDS Patterns
- IDS/IPS Management & Architecture Issues
- Indications, Warnings & Traffic Correlation
- IPv6
- Microsoft Protocols
- Network Traffic Analysis
- NIDS Evasion, Instertion & Checksums
- Snort Fundamentals & Configuration
- Snort GUIs & Sensor Management
- Snort Performance, Active Response & Tagging
- Snort Rules
- Stimulus Response
- TCPdump Fundamentals
- TCP/IP Fundamentals
- Wireshark Fundamentals
- Writing TCPdump Filters
Course Prerequisites:
- GSEC or equivalent experience
- UNIX, Windows, Networking, and Security Experience
- This is a hands-on skill course requiring comfort with command line interaction and network communications
Comments
Latest comments from students
User: Tosha
Instructor comments: Dave was an excellent instructor. He is very informative and knowledgeable in the course and the material. I have enjoyed the class and I would take another course with him as the instructor.
Facilities comments: Very nice and clean hotel.
User: buckey26
Instructor comments: Dave was one of the best instructors I have ever had for a tech course. He broke down everything to the point where you can understand it internally.
Liked the class? Then let everyone know!
TechNow has been involved in enterprise client server architectures since 1990. TechNow has delivered national and international implementations for Valero, Wholefoods, Quest, USAA, Golfsmith, AMD, Motorola, and many other fortune 1000 corporations,
TechNow's training program has followed the evolution of enterprise computing into virtualization and cloud computing. With a focus on security, TechNow can present the ramifications of many centralized strategies. All courses utilize enterprise instructors with experience and can discuss the detail of implementation and the integration into an existing infrastructure.
Course Overview:
This is an advanced course that assumes the attendee is a qualified security professional with experience using security tools and understands the concepts behind penetration testing. Courses that build up the expertise that enables a student to succeed in this course is Security+, CEH, CISSP, and any of the GIAC certifications. This course is completely hands-on and utilizes the BackTrack tool suite from backtrack-linux.org. The course covers, in detail, various attacks and tools that are contained in the BackTrack tool suite.
Attendees to TN-335: Advanced Penetration Testing Using Open Source Tools will receive TechNow approved course materials and expert instruction.
Dates/Locations:
No Events
Duration: 5 days
Course Objectives:
- Information Security and Open Source Software
- Operating System Tools
- Firewalls
- Scanners
- Vulnerability Scanners
- Network Sniffers
- Intrusion Detection Systems
- Analysis and Management Tools
- Encryption Tools
- Wireless Tools
- Forensic Tools
- More on Open Source Software
Prerequisites:
- Experience in IT Security
- Solid basic knowledge of networks and TCP/IP
- Experience in command line under Linux and Windows is required
Comments
Latest comments from students