(+40 21) 527 16 00
askformore@bittnet.ro
LinkedIn
Curs valabi până la modificarea structurii de Cursuri Cisco: 24.02.2020

Cisco SSFRULES – Securing Cisco Networks with Snort Rule Writing Best Practices

In this course you will learn about the Snort language and writing rules. You will begin with basic rule syntax and structure and advance to more complex rule-option usage, packet captures and practice what you have learned.

The focus of this course will be on hands-on experience with detecting certain types of attacks and using different types of rule-writing techniques.

Cui i se adresează?

This course is aimed at security administrators, security consultants, netwokr administrators, system engineers and technical support personne.

Ce veți învăța?

Upon completion you will know how to:

  • Understand rule structure, rule syntax, rule options, and their usage
  • Configure and create Snort rules
  • Understand the rule optimization process to create efficient rules
  • Understand preprocessors and how data is presented to the rule engine
  • Create and implement functional regular expressions in Snort rules
  • Design and apply rules using byte_jump/test/extract rule options
  • Understand the concepts behind protocol modeling to write rules that perform better
Cerințe preliminare:

Students need to have:

  • Technical understanding of TCP/IP networking and network architecture
  • Working knowledge of how to use and operate Cisco Sourcefire® Systems or open source Snort
  • Working knowledge of command-line text editing tools, such as the vi editor
    Basic rule-writing experience is suggested
Agenda cursului:

Materialele de curs sunt în limba Engleză. Predarea se face în limba Română.

Citește agenda cursului
Citește agenda cursului

1. Welcome to the Sourcefire Virtual Network
2. Basic Rule Syntax and Usage
3. Rule Optimization
4. Using PCRE in Rules
5. Using Byte_Jump/Test/Extract Rule Options
6. Protocol Modeling Concepts and Using Flowbits in Rule Writing
7. Case Studies in Rule Writing and Packet Analysis
8. Rule Performance Monitoring
9. Rule Writing Practical Labs, Exercises, and Challenges

Este recomandat să continui cu:

Nu există cursuri recomandate după finalizarea acestui curs.

Programe de certificare

Nu sunt programe de ceritifcare pentru acest curs.

Detalii curs

Durată
5
zile

Preț
0
EUR

Modalități de livrare
Predare în clasă, Clasă hibridă, Clasă virtuală
Nivel de specializare
5. Specialized
Într-o economie bazată pe cunoaștere, educarea și instruirea angajaților reprezintă o investiție în vederea obținerii unei performanțe îmbunătățite pe termen scurt, precum și a succesului pe termen lung al organizației.
DORESC SĂ MĂ ÎNSCRIU LA CURS

Vă rog să mă contactați:

Meniu