Network Forensics Analysis Using Wireshark
Audience
Networking personnel who need to acquire a foundation in network forensics technology, terminology, common networking protocols, and the use of Open-Source Network / Forensic Analysis tools and methodologies. Successful completion of this course will provide these individuals with a pathway into the field of both Network and Forensics Analysis.
Course Description
Network Forensics Analysis encompasses the skills of not only capturing
suspicious data, but also the ability to discern unusual patterns hidden within
seemingly normal network traffic. This course will provide the student with a
set of investigative techniques focusing on the use of vendor-neutral, Open-Source
Tools to provide insight into the following areas:
- Forensics Analysis fundamentals and data-mining
- Open-Source Network Forensics Tools
- Network security principles including encryption technologies and
defensive configurations of network infrastructure devices
- Security threat recognition for a variety of network attack and exploit
scenarios including network reconnaissance techniques, intrusion and exploit
methodologies, Bot-Net threat recognition as well as common user protocol
vulnerabilities including many IP related Protocols such as IPv4/v6 / TCP,
DNS/DNSSec, ARP, ICMPv4/v6, and an introduction to Voice / Video over IP and
Wireless Networking technologies
- Specialized Network Forensics Analysis techniques including suspicious
data traffic reconstruction and viewing techniques.
Format
5 days Classroom Instruction
Start/End Times
08:30-17:00
Prerequisites
Completion of Wireshark 1 and Wireshark 2
Language
English