The Enterprise Intrusion Analysis course provides students with the skills needed to discover and analyze enterprise intrusions in a UNIX environment.
Upon completion of this course, students should be able to:
* 1. Detect an enterprise system intrusion
* 2. Analyze a compromised system for crucial information: attack time, attacker location, attcker modifications to the system
* 3. Corrolate multiple log files from different parts of the enterprise to determine attacker usage
* 4. Conduct an audit of file systems to determine attacker modifications
* 5. Describe modern attacker methodology with proof of concept examples