Let's start with course outline. So that you will have a clear understanding of how I will be presenting the lectures. We are going to start off with definitions where I will be defining what those is, what the details what the scan is and their differences. So, that before we actually get into details, you will have a clear understanding of what to expect and how to define things. After the definitions, we will move on with the TCP IP model, where I will be explaining to you all the popular DDoS attack vectors in each layer in this module, we will mainly focus on the detection and mitigation techniques for each DDoS attack vector. In most cases, I will be sharing with you correct Wireshark or TCP dump filters in order to detect and analyze such attacks.

Likewise, I will explain you the specific mitigation techniques for each DDoS attack vector I will briefly touch to the definitions of the technologies involved whenever necessary, but I will not go into details since in this course, I will solely focus on the DDoS protection part. After going through all the layers and explaining you detection and mitigation methods for every popular DDoS attack vector, we will talk about my infrastructure recommendations, which can be applied both to your own company's infrastructure and to your clients environment. Most of the recommendations will not include anything brand specific. In other words, in most cases, I will not mention configuration recommendations for any particular router or any other kind of network components. But the advices I will provide you will apply to all the brands out there whenever necessary. I will also provide you the links for further reading.

Don't hesitate to ask me any questions directly. If you will have any dots asking questions. For any lecture is more than welcome. Finally, we will discuss the DNS the strengths, weaknesses, in what way they can protect you against DDoS. And what to be aware of while choosing a CDN for DDoS protection. As mentioned in the introduction, I will not perform any DDoS attack throughout the course, nor will I defend against the DDoS attack over a real application.

Therefore, there will not be any hands on examples of Tito's. Furthermore, let me also emphasize that all the nodes provided in this course shall be used for protection only. Now, you might wonder what the TCP IP model contains, in case you haven't heard of it. I'm pretty sure you have heard but just for the record, let me just quickly go through all the layers so that we will make sure that we are on the same page. As you can see, this is a modal question. waited by network engineers to analyze network traffic in a better way.

The first layer at the bottom is the physical and data link layer. And these are basically electric signals, robots, streams, and Ethernet frames. The upper layer, the internet layer is the network layer, which has the responsibility of sending packets across potentially multiple networks by routing. The next layer is the transport layer. And that layer maintains connections. It establishes host to host connectivity by the concept of the network ports.

And finally, the application layer. It's a human computer interaction layer, where applications can access to network services. And I can tell you that this layer includes most of the web attacks, if not all, so the web admins can focus on this layer and from a network engineer perspective, internet and transport layers will of interest. Although I must also mention that there are no strict boundaries here. My recommendation is to follow the course in order from the beginning to the very end.