mod1mod1Course IntroductionCourse Introductionlinks../mod1/assets/coursemap.swfcourseMenuBtnCourse menu. Select this button to access the course menu.MainMenuButtonClickedmoduleMapBtnLesson Map. Select this button to access the lesson map.CourseMapButtonClickedglossaryBtnGlossaryGlossary. Select this button open the glossary.GlossaryButtonClickedresourcesBtnResources. Select this button open the resources.ResourcesButtonClickedexitBtnExit. Select this button to exit the course.ExitButtonClickedreplayBtnReplay. Select this button to replay the current screen.ReplayButtonClickedpauseBtnPause. Select this button to pause the course.PauseButtonClickedresumeBtnResume. Select this button to resume the course.ResumeButtonClickedpreviousPgBtnPrevious PagePrevious. Select this button to go to the previous screen.PreviousButtonClickednextPgBtnNext PageNext. Select this button to go to the next screen.NextButtonClickedIntroductionPurposeidsal1_011Each year, attacks on the DoD network increase and become more sophisticated, putting DoD information and information systems at great risk. As an IDS analyst or administrator, your skill in using intrusion detection tools and understanding of the trends in network attacks, are critical in maintaining the confidentiality, integrity, and availability of DoD information and information systems. In this course, you will learn about the advanced tools and methods you will use in intrusion detection analysis. For each screen you will hear a description. The description is cued by an audio tone. Listen to the description, and then select the play audio narration button to continue. Screen 1 of 11. Lesson title: Course Introduction. Topic title: Introduction. Screen title: Purpose. Image of a masked men with laptops appear with pulsing lines moving toward a cloud labeled The Internet. The lines representing malicious activity pass through the cloud and move toward a screen labeled Firewall. Behind the firewall is a computer network. Some of the malicious activity makes it through the firewall and some activity is stopped at the firewall. Some of the malicious activity reaches the computer network and red rings display around the network indicating it was compromised. Pulsing lines move away from the network back to the masked men. A net representing an intrusion detection system appears between the cloud and firewall. It blocks the malicious activity from reaching the network.Objectives and Lessonsidsal1_022When you have completed this course, you will be able to identify the two basic types of sniffers and some filter constructs. You will be able to explain how to use Wireshark and some simple packet capture and display filters. You will also be able to explain the process to use when analyzing malicious traffic and explain the different variables in client-side attacks. Finally, you will be able to identify what bots and botnets are, and identify their network capabilities and traffic. There are six lessons in this course, starting with this Course Introduction. Lesson two, Sniffers, explains what sniffers are, the two different types of sniffers, and how they each work. Lesson three, Wireshark and the Analysis Process, describes the basic operation of Wireshark and some techniques for configuring a sniffing session and analyzing network traffic. Lesson four, Client-Side Attacks, describes client-side attacks and, how they turn firewalls inside out. Lesson five, Bots and Botnets, explains how bots and botnets operate and how they relate to the client-side attack surface. Finally, the Course Conclusion reviews key points from each lesson and provides an opportunity for you to print a certificate of completion when you are finished. Screen 2 of 2. Screen title: Objectives and Lessons. Five learning objectives display in support of audio. Six topics display. The first topic is titled Course Introduction. The second topic is titled Sniffers. The third topic is titled Wireshark and the Analysis Process. The fourth topic is titled Client Side Attacks. The fifth topic is titled Bots and Botnets. The sixth and final topic is the Course Conclusion. A text box displays and states: References to open source or freeware in this training product are for training purposes only, and should not be considered endorsements of these products. Please check with your command, service or agency for guidance on the use of these products.