68-520 Intrusion Detection, Response and Recovery

Information security ultimately depends on identifying and applying available security features appropriately. This course discusses the development of a secure information infrastructure consisting of servers, networks, firewalls, workstations, and intrusion detection systems. It also covers principles and practice related to secure operation of existing distributed systems. Principles of penetration testing for assessment of system security are also addressed. This course will also cover network security management systems that gather and analyze information to identify possible security breaches. It includes intrusions (attacks from outside the organization) and misuse (attacks from within the organization). Students learn the use of vulnerability assessment and scanning technologies to determine the security of a network.