TN-865: Wireshark Network Traffic and Security Analysis

Course Overview:

This course delivers the technical knowledge, insight, and hands-on training to receive in-depth knowledge on Wireshark® and TCP/IP communications analysis. You will learn to use Wireshark to identify the most common causes of performance problems in TCP/IP communications. You will learn about the underlying theory of TCP/IP and the most used application protocols, so that you can intelligently examine network traffic for performance issues or possible Indicators of Compromise (IoC).

Duration: 5 Days

Audience:

Anyone interested in learning to troubleshoot and optimize TCP/IP networks and analyze network traffic with Wireshark, especially network engineers, information technology specialists, and security analysts.

Course Prerequisites:

We recommend that attendees of this course have the following prerequisite:
• Network+

Dates/Locations:

No Events

Course Outline:

DAY ONE

Course Set Up and Analyzer Testing

Network Analysis Overview
Wireshark Functionality Overview
Capturing Wired and Wireless Traffic
Define Global and Personal Preferences for Faster Analysis
Defined Time Values and Interpret Summaries
Interpret Basic Trace File Statistics to Identify Trends
Create and Apply Display Filters for Efficient Analysis

DAY TWO

Follow Streams and Reassemble Data
Use Wireshark’s Expert System to Identify Anomalies
TCP/IP Analysis Overview
Analyze Common TCP/IP Traffic Patterns

DAY THREE

Graph I/O Rates and TCP Trends
802.11 (WLAN) Analysis Fundamentals
Voice over IP (VoIP) Analysis Fundamentals
Network Forensics Fundamentals

DAY FOUR

Detect Scanning and Discovery Processes
Analyze Suspect Traffic

DAY FIVE

Use Command‐Line Tools

Next/Related Courses:

 

 

TN-949: Certified Firewall Analyst Course

Course Overview:

This is a hands-on course that covers many of the concepts of securing the perimeter of an organization. This includes concepts such as intrusion detection, packet filtering, and central logging.

A skills focus enables the student to better absorb the subject matter and perform better on the job.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of Firewalls.

This course is an excellent precursor to PA-215 Palo Alto Firewall Essentials FastTrack.

Attendees to TN-949: Certified Firewall Analyst Prep will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Analyzing Network and Wireless Design
  • Creating and Auditing a Rulebase
  • Firewall Assessment and Penetration Testing
  • Host-Based Detection and DLP
  • Incident Detection and Analysis
  • IOS and Router Security
  • IPv6 and ICMPv6
  • Log Collection and Analysis
  • NAT and Proxies
  • Netfilter IPtables
  • Network Access Control
  • Network-Based Intrusion Detection
  • Packet Filters and Inspection
  • Packet Fragmentation
  • Perimeter Concepts and IP Fundamentals
  • Securing Hosts and Services
  • TCP/IP Protocols
  • VPN Design and Auditing
  • VPN Implementation

Course Prerequisites:

  • GSEC or equivalent experience
  • UNIX, Windows, networking and security  experience
  • This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students

Liked the class?  Then let everyone know!

CT-213: Cloud Essentials+

 

Course Overview:

CompTIA Cloud Essentials+ is for both IT and non-technical professionals who require the essential business acumen needed to make informed cloud service decisions.  Cloud Essentials is a vendor-neutral credential designed to validate the candidate has an understanding of basic terms and definitions of cloud computing along with the different processes involved in the successful adoption of cloud computing and its implications for organizations’ use.

TechNow is a CompTIA partner and uses official CompTIA Cloud Essentials+ curriculum.

Attendees to CT-213: Cloud Essentials+ will receive TechNow approved course materials and expert instruction.

Date/Locations:

Date/Time Event
03/30/2026 - 04/01/2026
08:00 -16:00 		CT-213: Cloud Essentials+
TechNow, Inc, San Antonio TX
06/15/2026 - 06/17/2026
08:00 -16:00 		CT-213: Cloud Essentials+
TechNow, Inc, San Antonio TX
10/13/2026 - 10/15/2026
08:00 -16:00 		CT-213: Cloud Essentials+
TechNow, Inc, San Antonio TX

Course Duration: 3 days

Course Objectives:

  • Domain 1 : Cloud Concepts
    • Understand cloud principles
    • Identify cloud networking concepts & storage techniques
    • Understand cloud design aspects
  • Domain 2: Business Principles of Cloud Environments
    • Identify and employ appropriate cloud assessments like feasibility studies, benchmarking, or gap analysis
    • Highlight key business aspects of cloud vendor relation adoption, and comprehend cloud migration approaches
  • Domain 3: Management and Technical Operations
    • Explain aspects of operating within the cloud, such as data management or optimization
    • Understand the role of DevOps in cloud environments, like API integration or provisioning
  • Domain 4: Governance, Risk, Compliance and Security for the Cloud
    • Understand risk management and response concepts related to cloud services and identify the importance and impacts of compliance in the cloud, such as regulatory concerns or international standards.

 

Course Prerequisites:

  • CompTIA recommends that a candidate have at least 6 months of experience in an IT environment, with direct involvement in IT-related tasks responsibilities and/or decision making.

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!

Palo Alto Networks Firewall Training Course Lab

Working with the TechNow lab for the PA-215: Palo Alto Networks Firewall Essentials FastTrack course has been nothing less than a techie's idea of fun.  When students come in we are immediatly configuring the Cisco 3750 switches for access ports, VLANS, and trunks.  We then cable the switch to the Palo Alto Networks Firewall.  Each student gets their own Palo Alto Firewall Pod of hardware and software.  What we find as fun is the VLAN environment, with an array of virtual machines hosted on an ESXi server that can really exercise the abilities of the Palo Alto Firewall.  The DMZ VLAN hosts virtual machines that support enterprise services and also potentialy vulnerable web services.  The Trust VLAN has Windows and Linux clients.  The UnTrust VLAN has Web services and a VM of Kali. The hardware Firewall is additionally connected to a Management VLAN.  All those VLANs are trunked into an ESXi server where the student also has a VM-Series Palo Alto Networks Firewall for High Availability.  

After configuring all the trunking, VLANs, and network interfaces we learn about the firewall and configure it for the lab environment.  Using Metasploitable and Kali/Metasploit nefarious penetration attempts are executed.  Using packet captures, custom APP-ID's  and custom signatures are generated.  Custom logging and reporting are created to similate and enterprise and assist the desired Incident Response.  It is always fun in a training environment to learn all about the controls available in a product, even though specific controls may not be used in the operational environment.  In the end we have a good understanding of the Palo Alto Networks Firewall.