Intrusion Detection and Prevention Systems (IDS / IPS)
Instructor
The instructor for this training is Dr. Nemanja Maček.
Who the training is intended for
The training is primarily intended for system administrators, network administrators, and security system administrators.
Duration
The training lasts 1 working day of 6 class periods, starting at an agreed time.
Required level of prior knowledge
The training requires an advanced level of prior knowledge in the field of information technology.
Previous training
It is recommended that participants have previously attended the following training:
- Basic information security training "BITSEC"
Registration
The registration form for the training can be found at this link.
Contents
The topics covered in the training are:
- Fundamentals of Traffic Analysis
- TCP/IP Concepts
- Using Wireshark
- Link Layer, IPv4, IPv6, and Fragmentation
- Transport Layers TCP, UDP, and ICMP
- Introduction to Intrusion Detection Systems
- IDS Architectures and Components
- Misuse and Anomaly Detection
- Performance Metrics
- Snort as a Rule Matching Network IDS
- Snort Concepts and Design
- Modes of Operation: Sniffer, Packet Logger, NIDS
- Plug-Ins
- Running, Installing, Configuring, and Customizing Snort
- Writing Snort Rules
- Host-Based IDS
- OSSEC Open-Source HIDS/SIM
- Machine-Learning Based IDS
- Theory behind Supervised Learning
- Training Network IDS Systems
- Training Host-Based IDS Systems
- Custom IDS from Scratch
- IDS Evasion Techniques and Countermeasures
- Integration with Other Security Mechanisms