IDS Setup

This virtual lab is appropriate for intermediate students who have a solid understanding of networking. Once completed, the student will be able to configure an IDS using the Security Onion Linux distribution. The lab will take about 90 minutes to complete if you are unfamiliar with Security Onion. This lab will help develop knowledge of IDS and intrusion prevention systems (IPS) tools and applications, which is important for Cyber Defense Analysts and Cyber Defense Infrastructure Support Specialists. The lab will also help develop skill in detecting host and network-based intrusions via intrusion detection technologies, which is important for Cyber Defense Analysts, Systems Developers, and Vulnerability Assessment Analysts. The lab also helps develop the ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies - part of the Cyber Defense Analyst, Cyber Defense Incident Responder, and Information Systems Security Manager work roles. Snort is a common IDS and an understanding of how it works will benefit most positions in information technology. This lab is part of the Cyber Security Engineer Career Path.

Quick Info

• Skills: Configure an intrusion detection system using Security Onion, Review basic alerts and configuration using Snorby
• Time limit: 90 min
• Skill level: Intermediate
• Work Roles: Cyber Defense Analyst, Cyber Defense Infrastructure Support Specialist, Information Systems Security Manager, Systems Developer, Vulnerability Assessment Analyst