Wireshark Certification Bootcamp
Audience
Successful completion of the Wireshark Certification certifies that an individual possesses an in-depth knowledge of TCP/IP and network/protocol analysis, troubleshooting communications, network optimization, network forensics, and security.
The Wireshark Certification focuses on analyzing packets and protocols with emphasis on the following areas:
– Wireshark Functionality and Configuration
– TCP/IP Network Communications
– Network Analysis and Troubleshooting
– Network Security fundamentals
Description
Successful completion of the Wireshark Certification certifies that an individual possesses an in-depth knowledge of TCP/IP and network/protocol analysis, troubleshooting communications, network optimization, network forensics, and security.
The Wireshark Certification is recognized as a top industry certification. The Certification Exam was certified DoD 8570 compliant by the U.S. Army in 2009.
The Wireshark Certification Exam focuses on analyzing packets and protocols with emphasis on the following areas:
– Wireshark Functionality and Configuration
– TCP/IP Network Communications
– Network Analysis and Troubleshooting
– Network Security fundamentals
Course Details:
Section 1: Introduction to Network Analysis
- Introduction to Network Analysis
- Introduction to Wireshark
Section 2: Collecting the Data
- Configuring and Using Wireshark
- Configuring Wireshark
- Building and optimizing configuration Profiles for data capture
- Using capture filters to capture specific suspect traffic
- Location – How Network Infrastructure Devices Effect Ethernet Network Analysis
- Hubs, Switches, Bridges, Routers, Firewalls, and CSU / DSU
- Constructing, Using, and Interpreting Color Rues
- Define Time Values and Interpret Summaries
- Answering the key questions – Interpret Basic Trace File Statistics
- Show me the Money! – Creating and Applying Display Filters
- Annotate Save Export and Print Packets
- Follow Streams and Reassemble Data
- Use Wireshark’s Expert System
Section 3: Analyzing the Data – The Protocols
- Domain Name System (DNS)
- Structure, Analysis and Filtering
- Analyze Normal DNS Queries/Responses
- Analyze DNS Problems
- Address Resolution Protocol (ARP)
- Structure, Analysis and Filtering
- Analyze Normal ARP Requests/Responses
- Analyze Gratuitous ARP
- Analyze ARP Problems
- Internet Protocol (IPv4/6)
- Structure, Analysis and Filtering
- Analyze Normal IPv4 Traffic
- Analyze IPv4 Problems
- Internet Control Message Protocol (ICMPv4/6)
- Structure, Analysis and Filtering
- Type & Code Numbers
- Analyze ICMP Problems
- User Datagram (UDP)
- Structure, Analysis and Filtering
- Analyze Normal UDP Traffic
- Analyze UDP Problems
- Transmission Control Protocol (TCP)
- Structure, Analysis and Filtering
- TCP-IP Analysis Overview
- Graph IO Rates & TCP Trends
- Define the Establishment of TCP Connections
- Define How TCP-based Services Are Refused
- Define How TCP Connections are Terminated
- Track TCP Packet Sequencing
- Define How TCP Recovers from Packet Loss
- Improve Packet Loss Recovery with Selective Acknowledgments
- Define TCP Flow Control
- Detect and Analyze TCP Problems
- Dynamic Host Configuration Protocol (DHCPv4/6)
- Structure, Analysis and Filtering
- Analyze Normal DHCP Traffic
- Analyze DHCP Problems
- Hypertext Transfer Protocol (HTTP)
- Structure, Analysis and Filtering
- Analyze Normal HTTP Communications
- Analyze HTTP Problems
- Analyze SSL/TLS Handshake
- Analyze TLS Encrypted Alerts
- Decrypt HTTPS Traffic
- File Transfer Protocol (FTP)
- Structure, Analysis and Filtering
- Analyze Normal FTP Communications
- Analyze Passive Mode Connections
- Analyze Active Mode Connections
- Analyze FTP Problems
- Email Protocols
- Structure, Analysis and Filtering
Section 4: Other Network Technologies and Network Security Fundamentals
- WLAN Analysis
- Compare Monitor Mode and Promiscuous Mode
- Compare Signal Strength and Signal-to-Noise Ratios
- Describe 802.11 Traffic Basics
- Analyze Normal 802.11Communications
- Dissect Basic 802.11 Frame Elements
- VoIP Analysis
- Define VoIP Traffic Flows
- Analyze Session Bandwidth and RTP Port Definition
- Analyze VoIP Problems
- Analyze SIP Traffic and RTP
- Traffic Baselining
- Find the Cause of Performance Problems
- Network Forensics Overview
- Detect Scanning & Discovery Processes
- Analyze Suspect Traffic
- Effective use of Command Line Tools
- Wireshark Tricks & Tips
Recap – Effective Troubleshooting Techniques
Section 5: Supplemental Resources
- Appendix “A” – Useful Stuff
- Appendix “B” – Book List: Recommended Reading
- Appendix “C” – Wireshark Command Line Program User Guides
- Appendix “D” – Wireshark USB Capture Guide
Section 6: Where do I go From Here? – Continuing Your Wireshark Education
- Wireshark 1 – TCP/IP Analysis and Troubleshooting with Wireshark
- Wireshark 2 – Masterclass Advanced Network and Security Analysis
- Wireshark 3 – Network Forensics Analysis
- Wireshark 4 – Mobile Device Forensics Analysis
- Wireshark 5 – Cloud and Internet of Things (IoT) Advanced Network Analysis
- Wireshark 6 – VoIP Advanced Network Analysis
- Wireshark 7 – WiFi Advanced Network Analysis
- Wireshark 8 – SCADA and ICS Advanced Network Analysis
- Wireshark 9 – Wireshark Command Line Programs
Format
5 days Classroom Instruction
Start/End Times
08:30-17:00
Recommended Class Size
6-16
Language
English