Center for Qualified CyberSecurity Excellence & Mastery

"Where Qualified Cyber Education Happens"

IDS III: On-site Log Analysis, Event Correlation and Response (Custom) Certification Class

Real-Time Tools and Methodologies for Discovering and Reacting to Network Intrusion Attempts

This 72-hour class investigates how to strengthen network- and host-based intrusion detection systems (IDS). You will explore the leading IDS products on the market today, including Cisco, ISS RealSecure, Snort, Tripwire Enterprise (and shareware) and more. You will compare managed services to make informed decisions about which is best suited to your organization. You will explore the pros and cons of perimeter defenses and deep internal defenses. Hacker attack labs will enrich your skills by showing port scanning, buffer overrun exploits, and other network assaults in action. When you leave this cutting-edge seminar, you will know where to position sensors and consoles, the types of responses you will receive, and how to react to alerts using industry-standard IDS countermeasures. Bonus: You will receive a Network Intrusion Defense Kit drive.

Class Fee: $3,990
Time: 72 hrs
Learning Level: Advanced
Contact Hours: 37 hr lecture, 35 hr labs
Prerequisites: Basic competency with TCP/IP & Linux.
Credits: 72 CPE / 3 CEU
Method of Delivery: Residential (100% face-to-face) or Hybrid
Method of Evaluation: 1. 95% attendance 2. 100% completion of Lab
Grading: Pass = Attendance + labs & quizzes; Fail > 95% Attendance

Sample Job Titles:
Information Assurance (IA) Architect
Information Security Architect
Information Systems Security Engineer
Network Security Analyst
Research & Development Engineer
Security Architect / Security Engineer
Security Solutions Architect
Systems Engineer / Systems Security Analyst


This 72-hour accelerated class is taught in either a face-to-face or a hybrid modality. The class includes 72 hours of contact studies, labs, reading assignments and a final exam; passing the final exam is a requirement for graduation.

KU Outcomes

Who Should Attend:
CIOs; Information Security Officers; Information Technology Managers, Administrators, and Auditors; Telecommunications and Network Administrators; Consultants; Systems and Data Security Analysts; Project Managers; and Technology Planners



Grades - All students must ordinarily take all quizzes, labs, and the final exam, and submit the class practical, in order to be eligible for a Q/ISP, Q/IAP, Q/SSE, or Q/WP credential unless granted an exception in writing by the President. Know that Q/ISP classes draw quite the spectrum of students, including "those less comfortable," "those more comfortable," and those somewhere in between. However, what ultimately matters in this course is not so much where you end up relative to your classmates but where you end up relative to yourself on Friday of class. The course is graded as a pass or fail solely on your attendance and participation. Those less comfortable and somewhere in between are not at a disadvantage vis-à-vis those more comfortable. Escalating labs help you prepare for real-world scenarios. Each lab escalates upon itself, increasing in intensity and rising to the next level, while you mitigate the threat step by step.

Books - No books are required for this course. However, you may want to supplement your preparation for or review of some lectures with self-assigned readings relevant to those lectures' content from either of the books below