This course provides the student with the concepts, methodologies, and hands-on tools to analyze network traffic for the purposes of focused operations, cyber operations, intrusion detection, and incident response. Each student will be given an overview of how packet analysis applies to their cyber security position.
You will learn to use Wireshark to identify the most common causes of performance problems in TCP/IP communications. You will develop a thorough understanding of how to use Wireshark efficiently to spot the primary sources of network performance problems, and you will prepare for the latest Wireshark Certified Network Analyst (WCNA) certification exam.
Wireshark® is an open source network packet analyzer for analyzing TCP/IP communications. Participants will use Wireshark to identify problems in TCP/IP communications.
Topics you will cover in this course include:
•Traffic capturing techniques and analyzer placement
•Traffic filtering (capture/display)
•Creation of customized profiles
•Coloring rules, graphing, field interpretations, and functionality of key TCP/IP communications
•Normal behavior of ARP, DNS, IP, TCP, UDP, ICMP, and HTTP/HTTPS
•Latency issue identification
•Connection establishment concerns
•Common indications of reconnaissance processes and breached hosts
Please bring your own laptop loaded with Wireshark to class. You may download Wireshark for free at www.wireshark.org.
WHO NEEDS TO ATTEND:
Anyone interested in learning to troubleshoot and optimize TCP/IP networks and analyze network traffic with Wireshark, especially network engineers, information technology specialists, security analysts, and those preparing for the Wireshark Certified Network Analyst exam.
*Course cost listed does not include the cost of courseware (required) or lunch (optional). Please contact us at firstname.lastname@example.org or 207-775-0244 for additional pricing information, or if you have any questions. Course is subject to minimum enrollment. Course may run as a Live Distance Learning (LDL) session if minimum enrollment is not met.
CompTIA Network+, working knowledge of TCP/IP fundamentals, or equivalent experience is required. CCNA is recommended but not required. Students should have at least one year of work experience with TCP/IP networks. Students should have experience with basic Linux command line functions and a working knowledge of information assurance and network security principles.
•Read and understand the English language.
•Perform basic operations on a computer.
•Have knowledge of computer networking and wireless networking.
•Have knowledge of information, network, and wireless security.