TN-865: Wireshark Network Traffic and Security Analysis

Course Overview:

This course delivers the technical knowledge, insight, and hands-on training to receive in-depth knowledge on Wireshark® and TCP/IP communications analysis. You will learn to use Wireshark to identify the most common causes of performance problems in TCP/IP communications. You will learn about the underlying theory of TCP/IP and the most used application protocols, so that you can intelligently examine network traffic for performance issues or possible Indicators of Compromise (IoC).

Duration: 5 Days

Audience:

Anyone interested in learning to troubleshoot and optimize TCP/IP networks and analyze network traffic with Wireshark, especially network engineers, information technology specialists, and security analysts.

Course Prerequisites:

We recommend that attendees of this course have the following prerequisite:
• Network+

Dates/Locations:

No Events

Course Outline:

DAY ONE

Course Set Up and Analyzer Testing

Network Analysis Overview
Wireshark Functionality Overview
Capturing Wired and Wireless Traffic
Define Global and Personal Preferences for Faster Analysis
Defined Time Values and Interpret Summaries
Interpret Basic Trace File Statistics to Identify Trends
Create and Apply Display Filters for Efficient Analysis

DAY TWO

Follow Streams and Reassemble Data
Use Wireshark’s Expert System to Identify Anomalies
TCP/IP Analysis Overview
Analyze Common TCP/IP Traffic Patterns

DAY THREE

Graph I/O Rates and TCP Trends
802.11 (WLAN) Analysis Fundamentals
Voice over IP (VoIP) Analysis Fundamentals
Network Forensics Fundamentals

DAY FOUR

Detect Scanning and Discovery Processes
Analyze Suspect Traffic

DAY FIVE

Use Command‐Line Tools

Next/Related Courses:

 

 

TN-812: Information Systems Security Engineering Professional (ISSEP)

Course Overview:

This concentration was developed in conjunction with the U.S. National Security Agency (NSA) providing an invaluable tool for any systems security engineering professional. CISSP®-ISSEP is the guide for incorporating security into projects, applications, business processes, and all information systems. Security professionals are hungry for workable methodologies and best practices that can be used to integrate security into all facets of business operations. The SSE model taught in the IATF portion of the course is a guiding light in the field of information security and the incorporation of security into all information systems.

Attendees to TN-812: Information Systems Secuirty Engineering Professional (ISSEP) will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • Systems Security Engineering
  • Certification and Accreditation
  • Technical Management
  • U.S. Government Information Assurance Governance

Prerequisites:

Comments

Latest comments from students

User: fsarisen

Instructor comments: Thank you Tim for all the great information! I am confident that I'll do well on the ICND exam.

User: storoy30

Instructor comments: The instructor, Tim Burkard, was very knowledgeable on the course material and skilled at explain more complex ideas.

Liked the class?  Then let everyone know?

Security Course Flow

We are often asked what is the recommended sequence of classes.  Here is our recommended sequence of classes for The Security Field.

Certified Information Security Manager (CISM)

CT-325 CompTIA Security+ Arrowright TN-825 Certified Information Security Manager

Certified Information Systems Auditor(CISA)

CT-325 CompTIA Security+ Arrowright TN-425 Certified Ethical Hacker Arrowright TN-822: Certified Information Systems Auditor (CISA)

Certified Information Systems Security Professional(CISSP)

CT-325 CompTIA Security+ Arrowright TN-425 Certified Ethical Hacker Arrowright TN-815 CISSP Certification Prep Seminar