Overview
-
Review the fundamentals of intrusion detection and intrusion prevention systems (IDS/IPS), how they detect and mitigate common attacks, and the practical applications of IDS/IPS.
Syllabus
-
Introduction
- Welcome
- What you need to know
- Packet Tracer and exercise files
- Prepare for the CCNA Security Exam (210-260)
- Managing the threat landscape
- Overview and benefits of IDS and IPS
- IPS versus IDS
- Host-based versus network IDS
- Prerequisites and restrictions for IPS
- Monitoring the network
- Signature-based IDS
- Sweep scan
- Anomaly-based IDS
- Reputation-based IDS
- Policy-based IDS
- IDS signature files
- Trigger actions and responses
- Blacklist and whitelist
- Managing IPS alarms
- Analyze the flow
- Implementing an IPS
- Configure an IPS
- Monitoring and analyzing
- Syslog
- Using IDS and honeypots
- The EINSTEIN system
- Summary
