Cyber Security Investigations

Audience

This course is designed for Cyber/Cloud Network Security that possess a basic to intermediate general security and networking knowledge. Successful completion of this course will provide these individuals with a path-way into the field of Network Forensics Analysis. Personnel that already posses a working knowledge of Host-based Forensics Analysis should also attend this course as a means of gaining expertise in the End-to-End Digital Forensics process.

Recommended Course Prerequisites

For maximum effectiveness, attendees should have at least basic familiarity with TCP/IP networking and basic network infrastructure devices such as Switches, Routers, etc. Attendees will also be required to bring their own laptop.

Course Description

Network Forensics Analysis encompasses the skills of not only capturing suspicious data, but also the ability to discern unusual patterns hidden within seemingly normal network traffic. This course will provide the student with a set of investigate techniques focusing on the use of vendor-neutral, Open-Source Tools to provide insight into the following areas:

  • Forensics Analysis fundamentals
  • Data Recorder technology and data-mining
  •  Network security principles including encryption technologies and defensive configurations of network infrastructure devices
  • Security threat recognition for a variety of common network attack and exploit scenarios including network reconnaissance techniques, Bot-Net threat recognition and man-in-the-middle attacks as well as common user protocol vulnerabilities including IP related Protocols (IP / TCP, DNS, ARP, ICMP), Email Protocols (Pop / SMTP / IMAP) and other, common Internet based User Protocols
  • Open-Source Network Forensics Tools
  • Specialized Network Forensics Analysis techniques including suspicious data traffic reconstruction and viewing techniques.
  • Real-World examples will be utilized throughout the course in conjunction with numerous hands-on exercises to provide field proven, practical Forensics Analysis skills. Attendees will receive a training binder including numerous reference Wireshark trace files and a DVD with networking and forensics tools, as well as a library of Network Forensics Analysis reference documents.

Format

5 days Classroom Instruction

Start/End Times

08:30-17:00

Recommended Class Size

6-16

Language

English