Incident response process: preparation, identification, containment, investigation, eradication, recovery, and lessons learned. Malicious code analysis. Signature-based intrusion detection. Anomaly-based intrusion detection. Using security information and event management to detect incidents. Detecting different attacks based on network traffic analysis. Network flow analysis for intrusion detection. Collection and analysis of security events from endpoints, servers, and network devices. Network architecture for intrusion detection.