mod1 mod1 Course Introduction NONE courseMenuBtn Course menu MainMenuButtonClicked glossaryBtn Glossary GlossaryButtonClicked resourcesBtn Resources ResourcesButtonClicked courseMapBtn Course map CourseMapButtonClicked exitBtn Exit ExitButtonClicked replayBtn Replay ReplayButtonClicked pauseBtn Pause PauseButtonClicked resumeBtn Resume ResumeButtonClicked previousPgBtn Previous Page PreviousButtonClicked nextPgBtn Next Page NextButtonClicked idsal1_01 1 Each year, attacks on the DoD network increase and become more sophisticated, putting DoD information and information systems at great risk. As an IDS analyst or administrator, your skill in using intrusion detection tools and understanding of the trends in network attacks, are critical in maintaining the confidentiality, integrity, and availability of DoD information and information systems. In this course, you will learn about the advanced tools and methods you will use in intrusion detection analysis. idsal1_02 2 When you have completed this lesson, you will be able to identify the two basic types of sniffers and some filter constructs. You will be able to explain how to use Wireshark and some simple packet capture and display filters. You will also be able to explain the process to use when analyzing malicious traffic and explain the different variables in client-side attacks. Finally, you will be able to identify what bots and botnets are, and identify their network capabilities and traffic. There are six lessons in this course, starting with this Course Introduction. Lesson two, Sniffers, explains what sniffers are, the two different types of sniffers, and how they each work. Lesson three, Wireshark and the Analysis Process, describes the basic operation of Wireshark and some techniques for configuring a sniffing session and analyzing network traffic. Lesson four, Client-Side Attacks, describes client-side attacks and, how they turn firewalls inside out. Lesson five, Bots and Botnets, explains how bots and botnets operate and how they relate to the client-side attack surface. Finally, the Course Conclusion reviews key points from each lesson and provides an opportunity for you to print a certificate of completion when you are finished.