CMSY 164 Introduction to Intrusion Detection and Prevention Systems

This introduction to intrusion detection and prevention systems (IDPS) gives students a solid foundation for understanding IDPS and how they function. The course provides a background in the technology of detecting network attacks and introduces the concepts and procedures used for IDPS. Students will have hands-on experience implementing and configuring software- and hardware-based IDPS in a network infrastructure. This course is designed with a network administrator in mind.

Credits

3

Prerequisite

CMSY 158 or CMSY 163

Hours Weekly

2 hours lecture, 2 hours lab weekly

Course Objectives

  1. Define what an IDPS is and how it functions.
  2. Determine where IDPS should be placed in a network.
  3. Employ a packet sniffer and identify the critical parts of a TCP/IP packet.
  4. Identify attack signatures and relate them to specific attacks.
  5. Identify false-positives and false-negatives, and determine what causes them.
  6. Define and identify the different types of IDPS.
  7. Build and implement an open source IDPS system.

Course Objectives

  1. Define what an IDPS is and how it functions.

    This objective is a course Goal Only

    Learning Activity Artifact

    • Hands-on lab

    Procedure for Assessing Student Learning

    • Hands-on lab rubric
  2. Determine where IDPS should be placed in a network.

    Learning Activity Artifact

    • Hands-on lab

    Procedure for Assessing Student Learning

    • Hands-on lab rubric
  3. Employ a packet sniffer and identify the critical parts of a TCP/IP packet.

    This objective is a course Goal Only

    Learning Activity Artifact

    • Hands-on lab

    Procedure for Assessing Student Learning

    • Hands-on lab rubric
  4. Identify attack signatures and relate them to specific attacks.

    Learning Activity Artifact

    • Hands-on lab rubric

    Procedure for Assessing Student Learning

    • Hands-on lab rubric
  5. Identify false-positives and false-negatives, and determine what causes them.

    Learning Activity Artifact

    • Hands-on lab

    Procedure for Assessing Student Learning

    • Hands-on lab rubric
  6. Define and identify the different types of IDPS.

    Learning Activity Artifact

    • Hands-on lab

    Procedure for Assessing Student Learning

    • Hands-on lab rubric
  7. Build and implement an open source IDPS system.

    Learning Activity Artifact

    • Hands-on lab

    Procedure for Assessing Student Learning

    • Hands-on lab rubric