Events

 

Technical Courses /

Cyber Defence Monitoring

Date:

25-27 Mar 2015

Registration deadline:

9 Feb 2015

The course dates may be changed until 3 months before the course

Location:

Tallinn, Estonia

Number of participants:

16

Participation fee:

300 € (no fee for the Sponsoring Nations, Contributing Nations and NATO bodies)

This course concentrates on a number of important Cyber Defence Monitoring techniques and solutions.

This course concentrates on a number of important Cyber Defence Monitoring techniques and solutions. We will focus on event logging and collection with syslog protocol, regular expression language and its applications to system/network monitoring, event correlation, and finally network intrusion detection and prevention. We will also discuss a number of open-source monitoring solutions, including UNIX rsyslog package, Simple Event Correlator, and Snort IDS/IPS. Each module of the course consists of a presentation from the lecturer which is followed by a hands-on session.

Prerequisites

Participants of the course must have a good understanding of TCP/IP networking and system administration. The course content assumes that the students have recent everyday system administrator's work experience of at least 2 years in UNIX environments. In particular, the course assumes that the students have previous detailed knowledge on following topics:

  • editing files with vi editor
  • work principles of UNIX operating systems and UNIX file system layout
  • common UNIX shells (e.g., sh, bash)
  • common UNIX user tools (e.g., ls, ps, kill)
  • common UNIX system administration utilities (e.g, mount, shutdown)
  • Previous programming experience is not required, but is helpful
  • English language skill comparable to STANAG 6001, 2.2.2.2. is required.

NB! We most strongly discourage the participation of students who do not fulfil aforementioned prerequisites, since the course contains advanced lab sessions assuming this knowledge. Therefore, the presence of unskilled attendants in the audience is likely to hinder the overall progress of the course.

Registration info

To register for the course, please download the Joining Report and send the filled report to events -at ccdcoe.org