Intro to the science of OSINT and Forensics Analysis fundame
This course is for Networking, Government, and Security personnel that need to develop advanced packet investigation techniques by analyzing evidence, both Pcap-based and Open-source Intelligence-based using Wireshark and other Open-Source Analysis tools. Successful completion of this course provides these individuals with a pathway into the field of Forensics Analysis.
Network Forensics Analysis encompasses the skills of capturing suspicious data and discern unusual patterns hidden within seemingly normal network traffic. This course provides the student with a set of investigate techniques focusing on the use of vendor-neutral, Open-Source Tools to provide insight into the following areas:
– Forensics Analysis fundamentals, data-mining, and an introduction to the science of Open-Source Intelligence collection
– Network security principles including encryption technologies and defensive configurations of network infrastructure devices
– Indication of Compromise and threat recognition for a variety of network attack and exploit scenarios, including reconnaissance techniques, intrusion and exploit methodologies, Bot-Net threat recognition as well as standard user protocol vulnerabilities including many IP related Protocols such as IPv4/v6 / TCP, DNS/DNSSec, ARP, ICMPv4/v6, and an introduction to Voice / Video over IP and Wireless Networking technologies
– Specialized Network Forensics Analysis techniques, including suspicious data traffic reconstruction and viewing Real-World examples are utilized throughout the course in conjunction with numerous hands-on exercises to provide field-proven, practical analysis skills. Attendees receive a student guide including multiple reference files, networking and forensics tools, and a library of reference documents.
5 days Classroom Instruction
Completion of Wireshark 1 and Wireshark 2