Network Forensics Analysis encompasses the skills of capturing suspicious data and discern unusual patterns hidden within seemingly normal network traffic. This course provides the student with a set of investigate techniques focusing on the use of vendor-neutral, Open-Source Tools to provide insight into the following areas:

– Forensics Analysis fundamentals, data-mining, and an introduction to the science of Open-Source Intelligence collection

– Network security principles including encryption technologies and defensive configurations of network infrastructure devices

– Indication of Compromise and threat recognition for a variety of network attack and exploit scenarios, including reconnaissance techniques, intrusion and exploit methodologies, Bot-Net threat recognition as well as standard user protocol vulnerabilities including many IP related Protocols such as IPv4/v6 / TCP, DNS/DNSSec, ARP, ICMPv4/v6, and an introduction to Voice / Video over IP and Wireless Networking technologies

– Specialized Network Forensics Analysis techniques, including suspicious data traffic reconstruction and viewing Real-World examples are utilized throughout the course in conjunction with numerous hands-on exercises to provide field-proven, practical analysis skills. Attendees receive a student guide including multiple reference files, networking and forensics tools, and a library of reference documents.