OVERVIEW

A course covering the fundamental concepts, methodologies, and tools necessary to analyze network traffic for the purposes of intrusion and threat detection, network defense, and low profile offensive operations.

The hands-on course begins with discussing the role of network packet analysis in computer network operations (CNO). After a detailed discussion of the TCP/IP protocol suite and ethernet network operations, the student practices using the command line tool tcpdump and the protocol analyzer tshark to capture and analyze self-generated network traffic. Students then are asked to examine actual packet captures which illustrate various exploits, network reconnaissance techniques, and more advanced network attacks.

The course concludes with an extensive real world exercise in which the student must utilize all of the concepts and tools learned in class to analyze and fully characterize the various network threats and breaches.

OBJECTIVE

Upon successful completion of this course, students will be able to:

  • describe radio frequencies utilized in wireless networks
  • analyze and troubleshoot wireless networks
  • set up and operate wireless networks
  • provide basic security prevention techniques to wireless systems
AUDIENCE

This course is suitable for those seeking employment as a network professional or to advance in the wireless networking industry.

PREREQUISITES

CompTIA Network+, working knowledge of TCP/IP fundamentals, or equivalent experience is required. CCNA is recommended but not required. Students should have at least one year of work experience with TCP/IP networks. Students should have experience with basic Linux command line functions and a working knowledge of information assurance and network security principles.

CERTIFICATION EXAMS

N/A

Ready to enroll?

Apply Today
COURSE OUTLINE
MODULE 00: TCP/IP REVIEW
  • OSI vs Internet Model
  • Physical and Logical Addresses
  • Services and Ports
  • Domain Name System
  • Routing& Traffic Types
  • IP Protocols: TCP/UDP
  • Media Access Control
  • Network Communications
MODULE 01: THE PROTOCOLS
  • Link Layer
    • Ethernet
    • Address Resolution Protocol
  • Network Layer
    • Internet Protocol
    • Internet Control Message Protocol
  • Transport Layer
    • Transmission Control Protocol
    • User Datagram Protocol
  • Application Layer
  • Dynamic Host Configuration Protocol
  • Domain Name System
  • Hypertext Transfer Protocol
MODULE 02: BASIC TCPDUMP
  • Sniffing Basics
  • Capture and read files
  • Command line options
  • Filters: hosts, ports and protocols
  • Decrypting output
MODULE 03: ADVANCED TCPDUMP
  • Advanced expressions and primitives
  • Qualifiers
  • Expression combinations
  • Offsets and specific byte identification
  • Byte range filters
  • Bit masking
MODULE 04: WIRESHARK
  • Creating customized capture filters
  • Display filters
  • Filters and target lists
  • Session reconstruction
  • Dangers of WiFi
MODULE 05: PRACTICAL EXERCISE
  • An all-day team exercise to analyze packet captures from a victim network and to provide a detailed analysis of findings