Network Traffic Analysis
Training Overview
The "Network Traffic Analysis" training provides comprehensive instruction on the fundamental knowledge and skills needed to understand and analyze network traffic. The training begins by providing participants with information about the basic components of a network and how it functions, allowing them to understand the importance of analyzing network traffic and how this knowledge can be used in cybersecurity. The course focuses on the capabilities of basic network analysis tools, such as tcpdump and Wireshark, in capturing and analyzing network traffic.
In this training, the network analysis process is explained in detail, covering a wide range of topics from basic capture techniques using tcpdump to advanced network analysis with Wireshark. The training emphasizes how to use pre-capture filtering techniques to handle traffic more effectively, and how to leverage Wireshark's extensive statistics and analysis features to extract maximum information from network traffic data.
What You Will Learn
- The fundamentals of the network analysis process.
- How to capture live network traffic using tcpdump.
- How to use Wireshark for in-depth traffic analysis and filtering.
- How to use Wireshark's statistics and analysis features to identify patterns and anomalies.
Who is this for?
- Security Operations Center (SOC) Analysts.
- Incident Responders.
- Network Engineers and Administrators.
Prerequisites
- A strong understanding of networking fundamentals (TCP/IP, DNS, HTTP).
Tools You Will Use
- Wireshark
- tcpdump
- TShark (Conceptual)
Training Sections
- Introduction
- Reminders
- Basic Tools
- Network Analysis Process
- tcpdump
- Network Analysis with Wireshark
- Pre-Capture Filtering
- Statistics
- Analyze
- Exam