Securing the Network with an Intrusion Detection System (IDS)

Outcomes addressed in this activity:

Unit Outcomes:

  • Define the term computer forensics.
  • Conduct a basic forensics exercise using Snort®.
  • Illustrate the importance of audit logs to forensics investigations.
  • Examine how various forensics tools are used.
  • Examine the phases of a forensics investigation.
  • Illustrate basic encryption techniques.

Course Outcome:

  • IT540-2: Secure computer network data.

Purpose

This lab is designed to help you become familiar with implementing an Intrusion Detection System (IDS) to secure a computer network.

Lab Instructions

Part 1: Securing the Network with an Intrusion Detection System (IDS)

Complete Jones & Bartlett Lab: Securing the Network with an Intrusion Detection System (IDS) in this lab section.

The following resources will help you get oriented in the lab environment: the Common Lab Tasks Manual and J and B Lab Tips. The manual provides the detail; the tips are a very abbreviated reference.

In the lab environment, you will find instructions for the specific lab, which can be downloaded. Follow the instructions.

Use the Unit 3 Lab Worksheet to record and submit your results.

Part 2: Hypothetical Break-In

Consider the following five questions and write an essay response to each one.

How do you go about finding information when you have been told that there has been a break-in?

What servers were compromised?

Was network equipment compromised?

What user accounts were employed to gain access?

What vulnerabilities were exploited?

What can be done to prevent a recurrence?