Intrusion Detection/Prevention Systems (2014)
This is the approved element for 2014 per the Centers of Academic Excellence program office.<ref>CAE Requirements and Resources</ref> The intent of this Knowledge Unit is to provide students with knowledge and skills related to detecting and analyzing vulnerabilities and threats and taking steps to mitigate associated risks.
Outcomes
- Students will be able to demonstrate the ability to detect, identify, resolve and document host or network intrusions.
- Students will be able to demonstrate the ability to detect various types of malware (keyloggers, rootkits) and unauthorized devices (rogue wireless access points) on a live network.
- Students will be able to demonstrate the ability to configure IDS/IPS systems to reduce false positives and false negatives.
Topics
- Deep Packet Inspection
- Log File Analysis
- Log Aggregation
- Cross Log Comparison and Analysis
- Anomaly Detection
- Misuse Detection (Signature Detection)
- Specification-based Detection
- Host-based Intrusion Detection and Prevention
- Network-based Intrusion Detection and Prevention
- Distributed Intrusion Detection
- Hierarchical IDSes
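The following is an added worked example, written for this page rather than taken from the Knowledge Unit or any CAE material. It shows three of the topics above side by side on one small aggregated log: misuse (signature) detection with known-bad patterns, anomaly detection with a per-source failure threshold, and cross-log correlation that links a burst of failures to a later successful login. The log lines, the signatures, the field layout and the threshold values are all constructed for the demonstration; the threshold is the tuning knob the outcome on false positives and false negatives refers to.

```python
"""Toy IDS: signature, anomaly and correlation detection over constructed log lines."""
import re
from collections import Counter
from urllib.parse import unquote

# Constructed sample log lines (not real data). sshd auth records and httpd access
# records are interleaved as a log aggregator would deliver them.
SAMPLE_LOGS = """\
sshd[1201]: Failed password for root from 203.0.113.5 port 4012 ssh2
sshd[1202]: Failed password for root from 203.0.113.5 port 4013 ssh2
httpd: 192.0.2.10 GET /index.html 200
sshd[1203]: Failed password for admin from 203.0.113.5 port 4014 ssh2
sshd[1204]: Failed password for root from 203.0.113.5 port 4015 ssh2
sshd[1205]: Failed password for root from 203.0.113.5 port 4016 ssh2
sshd[1206]: Failed password for root from 203.0.113.5 port 4017 ssh2
sshd[1207]: Accepted password for root from 203.0.113.5 port 4018 ssh2
sshd[1300]: Failed password for alice from 198.51.100.7 port 5100 ssh2
sshd[1301]: Failed password for alice from 198.51.100.7 port 5101 ssh2
sshd[1302]: Failed password for alice from 198.51.100.7 port 5102 ssh2
sshd[1303]: Accepted password for alice from 198.51.100.7 port 5103 ssh2
httpd: 192.0.2.9 GET /item.php?id=1%27%20OR%20%271%27%3D%271 200
httpd: 192.0.2.11 GET /about.html 200
"""
LINES = SAMPLE_LOGS.splitlines()

# --- Misuse (signature) detection: match known-bad patterns -------------------
# Assumed signatures for the demo. Web payloads arrive URL-encoded, so the line is
# decoded before matching; skipping that step is a classic signature evasion.
SIGNATURES = {
    "sqli_tautology": re.compile(r"'\s*OR\s*'[^']*'\s*=\s*'", re.IGNORECASE),
    "root_ssh_login": re.compile(r"Accepted \w+ for root from"),
}

def signature_alerts(lines):
    """Return (rule_name, line) for every line that matches a signature."""
    alerts = []
    for line in lines:
        decoded = unquote(line)
        for name, pattern in SIGNATURES.items():
            if pattern.search(decoded):
                alerts.append((name, line))
    return alerts

# --- Anomaly detection: deviation from an expected failure rate ----------------
FAILED = re.compile(r"Failed password for (\S+) from (\d+\.\d+\.\d+\.\d+)")
ACCEPTED = re.compile(r"Accepted \w+ for (\S+) from (\d+\.\d+\.\d+\.\d+)")

def anomaly_alerts(lines, threshold):
    """Return {src_ip: failure_count} for sources whose failures reach the threshold.

    Too low a threshold turns a user who mistypes a password into a false positive;
    too high a threshold turns a slow brute force into a false negative.
    """
    failures = Counter(m.group(2) for line in lines if (m := FAILED.search(line)))
    return {ip: n for ip, n in failures.items() if n >= threshold}

# --- Cross-log correlation: failure burst followed by a successful login -------
def correlate_bruteforce_success(lines, threshold):
    """Return source IPs that reached the failure threshold and then logged in."""
    fails = Counter()
    flagged = set()
    for line in lines:  # order matters: the success must come after the failures
        if (m := FAILED.search(line)):
            fails[m.group(2)] += 1
        elif (m := ACCEPTED.search(line)) and fails[m.group(2)] >= threshold:
            flagged.add(m.group(2))
    return sorted(flagged)

if __name__ == "__main__":
    for name, line in signature_alerts(LINES):
        print(f"[signature:{name}] {line}")
    for threshold in (3, 5):
        print(f"threshold={threshold} anomalies={anomaly_alerts(LINES, threshold)}")
        print(f"threshold={threshold} brute-force success="
              f"{correlate_bruteforce_success(LINES, threshold)}")
```

Running it with a threshold of 3 flags both 203.0.113.5 (six failures, then a root login) and 198.51.100.7 (three typos by alice, then her own login); raising the threshold to 5 removes the false positive while still catching the attacker. The correlation stage is what separates "noisy source" from "likely compromise": an IP that only fails is an annoyance, an IP that fails repeatedly and then succeeds is an incident.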
Related Knowledge Units
- Data Security Analysis (2014)
- Industrial Control Systems-SCADA Security (2014)
- Network Security Administration (2014)
- System Security Administration (2014)