This course was created by DISA and is hosted on CDSE's learning management system STEPP. This course does not have a final exam.

Description: This interactive presentation is designed for newly appointed DoD Intrusion Detection System analysts. This course takes each student through a series of lessons that range from basic computer security concepts to real-world IDS analyst examples. It focuses on what the IDS analyst should look for when investigating suspicious IDS alert logs while defending DoD networks. The topics covered in this course are: IDSs and the DoD, Networking Fundamentals, IDS Overview, Implementing IDSs, and Advanced Concepts in Incident Detection. Students are advised to review such concepts as TCP/IP and the OSI model prior to taking this course.

Course Resources: N/A

Learning Objectives:
This course is designed to enable students to:

  • Define IDS and its purpose and use within the DoD
  • Classify IDS alert characteristics into various categories of threats
  • Separate true security incidents from false positives
  • Identify the correct placement of an IDS sensor in a typical DoD network configuration
  • Explain advanced concepts in detecting security incidents using IDS technologies

Delivery Method: eLearning

Length: 3 hours 30 minutes

Target Audience: All DoD information systems users to include contractor employees with Intrusion Detection responsibilities

Number of Students per Course: N/A


  • Clearance Requirements: N/A
  • Attendance Requirements: N/A
  • Exam Requirements: N/A

Prerequisites: N/A

Credits Recommended/Earned:

System Requirements: Check if your system is configured appropriately to use STEPP.

CDSE courses are intended for use by Department of Defense and other U.S. Government personnel and contractors within the National Industrial Security Program.