Weekly study: 6 hours
Gain an understanding of how to monitor, analyse and prevent intrusions.
This course looks at Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) and examines their suitability for different business contexts. It will also look at the nature of the evidence that can be gathered by these systems and how to maintain the provenance of the evidence.
- IDS and IPS
- Different approaches to I(D/P)S
- End and Net I(D/P)S, Endpoint Detection and Response (EDR) and IDS evasion
- Log analysis
- Security information and event management (SIEM) / Urchin tracking module (UTMs)
- Autonomic computing (AI and network)
- Self-healing systems
Learning on this course
You can take this self-guided course and learn at your own pace. On every step of the course you can meet other learners, share your ideas and join in with active discussions in the comments.
What will you achieve?
By the end of the course, you'll be able to...
- Identify a suitable I(D/P)S for a given environment
- Assess the quality of evidence given by an I(D/P)S
- Evaluate potential I(D/P)S evasion strategies and suggest alternative action and reform
Who is the course for?
This course is for MSc Cyber Security students.
Please note that the staff described in the ‘Who will you learn with?’ section below may be subject to change.
What software or tools do you need?