Cisco Network Security: Intrusion Detection and Prevention

1
Join & Subscribe
LinkedIn Learning
Free Trial Available
English
Certificate Available
1-2 hours worth of material
selfpaced

Overview

Review the fundamentals of intrusion detection and intrusion prevention systems (IDS/IPS), how they detect and mitigate common attacks, and the practical applications of IDS/IPS.

A network must be able to quickly recognize threats. Intrusion detection and intrusion prevention systems (IDS/IPS) provide organizations with a proactive approach to monitoring their network, enabling them to take action against possible threats. In this course, join security ambassador Lisa Bock as she provides an overview of intrusion detection and intrusion prevention systems and explains how they detect and mitigate common attacks. She covers detection and signature engines, triggering actions and responses, and deploying an IOS-based IPS. In addition, she goes over some practical applications of these systems, including honeypot-based intrusion detection and the EINSTEIN system from the Department of Homeland Security.
Introduction
  • Welcome
  • What you need to know
  • Packet Tracer and exercise files
  • Prepare for the CCNA Security Exam (210-260)
1. IDS and IPS Overview
  • Managing the threat landscape
  • Overview and benefits of IDS and IPS
  • IPS versus IDS
  • Host-based versus network IDS
  • Prerequisites and restrictions for IPS
2. Detection and Signature Engines
  • Monitoring the network
  • Signature-based IDS
  • Sweep scan
  • Anomaly-based IDS
  • Reputation-based IDS
  • Policy-based IDS
3. Decisions and Actions
  • IDS signature files
  • Trigger actions and responses
  • Blacklist and whitelist
  • Managing IPS alarms
4. Deploying an IOS-Based IPS
  • Analyze the flow
  • Implementing an IPS
  • Configure an IPS
5. Practical Applications
  • Monitoring and analyzing
  • Syslog
  • Using IDS and honeypots
  • The EINSTEIN system
Conclusion
  • Summary

Syllabus

Introduction
  • Welcome
  • What you need to know
  • Packet Tracer and exercise files
  • Prepare for the CCNA Security Exam (210-260)
1. IDS and IPS Overview
  • Managing the threat landscape
  • Overview and benefits of IDS and IPS
  • IPS versus IDS
  • Host-based versus network IDS
  • Prerequisites and restrictions for IPS
2. Detection and Signature Engines
  • Monitoring the network
  • Signature-based IDS
  • Sweep scan
  • Anomaly-based IDS
  • Reputation-based IDS
  • Policy-based IDS
3. Decisions and Actions
  • IDS signature files
  • Trigger actions and responses
  • Blacklist and whitelist
  • Managing IPS alarms
4. Deploying an IOS-Based IPS
  • Analyze the flow
  • Implementing an IPS
  • Configure an IPS
5. Practical Applications
  • Monitoring and analyzing
  • Syslog
  • Using IDS and honeypots
  • The EINSTEIN system
Conclusion
  • Summary

Taught by

Lisa Bock