This course provides students with the concepts, methodologies, and hands-on tools to analyze network traffic for the purposes of focused operations, cyber operations, pen testing, intrusion detection, and incident response. Each student will be given an overview of how packet analysis applies to their cyber security position.
- Administrivia (Course Overview, Bathrooms, Breaks) – Instructor and Student Introductions
- Packet Analysis Overview
- Application of packet analysis to Cyber Operations and Focused Operations
- TCP/IP / UDP Stack Review
- Other protocols / Codecs
- Deploy and configure TCPDump
- Analysis Methods using TCPDump
- Deploy and configure TShark
- Analysis Methods using TShark
- System Tests and evaluations
- Hands-on Exercises and Final Practical Exam/CAPSTONE Exercise
This course provides an overview of the TCP/IP stack, including UDP, as it relates to architecture, and also covers how packet analysis can identify and create network-based attacks. Students will learn how to use TCPDump and TShark, and will be given an overview of commercial tools for conducting analysis.
The course includes the following takeaway items: a printed training book and a CD that includes reference materials pertaining to the course.
Every participating student will receive a certificate of successful participation in this course, which can be used to claim hours of Continuous Professional Experience for existing certifications. Our Continuing Education Credits are accepted by ISC2, CompTIA and ISACA.