Packet Analysis and Intrusion Detection
SCHEDULE: SEPTEMBER - OCTOBER 2020 / PRIVATE CORPORATE TRAINING
CONTACT US TO SCHEDULE A CLASS FOR YOUR TEAM.
Take a look at our guarantee and be sure to check out your instructors.
The following comes with your class:
Course Description:
The Packet Analysis and Intrusion Detection course through CyberSecurity Academy is a great class if you are interested in analyzing traffic to learn how a program or application works, or determining if a networked device is infected with malware. If you perform incident response or are involved with investigations, this course will help you take your skills to the next level. Wireshark will be used as the primary analysis tool.
Topics covered in this course will include:
- Capturing Traffic for Specific Applications
- Capturing and Classifying Your Own Background Traffic
- Capturing Traffic to a File Set
- Capturing Traffic on Your Wireless Network
- Customizing Wireshark for Different Tasks
- Customizing Wireshark Views and Settings
- Default Switch Forwarding
- Exporting Packet Details
- Extracting Files from Packet Captures
- Filtering on Packet Fields
- Following HTTP Packets through a Network
- Frames, Packets, and Segments
- Packet Loss, Recovery, and Faulty Trace Files
- Security Analysis (Network Forensics) Tasks
- The Capture Process
- The Dumpcap Capture Engine
- The Indications and Causes of Client Latency
- The Indications and Causes of Path Latency
- The Indications and Causes of Server Latency
- The Wiretap Library
- Using Command-Line Tools to Capture, Split, and Merge Traffic
- Using Tshark to Extract HTTP Host Names and IP Addresses
- Using a Ring Buffer to Conserve Drive Space
- Using Dumpcap and Tshark
- Using GeoIP to Map Targets Globally
- Using Logical Operators and Regular Expressions
- Wireshark Dissectors
Who Should Attend:
- Computer Forensics/Digital Forensics Professionals
- Incident Response Personnel
- Information Security Professionals
- IT Managers
- Law Enforcement Personnel
- Legal Professionals
- Network Administrators and Architects
- System Administrators
Prerequisites:
A good understanding of basic network concepts and TCP/IP fundamentals. You should know the purpose of a switch, a router, and a firewall. You should also be familiar with the concepts of Ethernet networking and basic wireless networking, and be comfortable with IP network addressing.
Six Months All Access Pass - Online Training:
Your tuition will include six months of access to additional online training that you can take at your own pace. You will have access to videos that demonstrate how key skills are performed, and you will be able to earn CPE credits for each course you complete as well as print course completion certificates. Current topics for your online training include:
- 10 Essential Wireshark Skills
- Analyze and Improve Throughput
- Analyzing Google Secure Search
- Analyzing the Window Zero Condition
- Build Wireshark Filters from Snort Rules
- Capturing Packets (Security Focus)
- Create a Security Profile
- DHCP/ARP Analysis
- Find Stuff Fast with Wireshark Filter Expression Buttons
- Hacked Hosts
- ICMP Analysis
- Nmap Network Scanning
- Packet Crafting to Test Firewalls
- Slow Networks - NOPs/SACK
- TCP Analysis in-Depth
- TCP Vulnerabilities
- Top 10 Reasons Your Network is Slow
- Trace File Analysis
- Troubleshoot/Secure Networks with Wireshark
- Troubleshooting with Coloring
- Tshark Command-Line Capture
- Wireshark 201 Filtering
- Wireshark Certified Network Analyst Exam Prep Questions
- Wireshark Functionality and TCP/IP Analysis
- WLAN Analysis 101