ISSC642 Intrusion Detection and Incident Handling (3 semester hours)

This course examines the tenets of Intrusion Detection, Intrusion Prevention, and Incident Handling. Intrusion Detection focuses on the methods to detect attempts (attacks or intrusions) to compromise the confidentiality, integrity or availability of an information system. Also included is an analysis of the principles and practices of intrusion detection, intrusion prevention, and incident handling; network-based, host-based, and hybrid intrusion detection; identifying attack patterns; deployment of resources and responses to handle the incident, surveillance, damage assessment, risk assessment, data forensics, data mining, attack tracing, system recovery, and continuity of operation.