Network Traffic Analysis Using Wireshark

Intellectual property, PHI, PII, and other sensitive data are often exfiltrated from your organization. Do you know what traffic is leaving your network? Do you know how to analyze traffic for anomalies and data exfiltration? Network traffic analysis is one of the Top 5 vital cyber security skills. Without an understanding of the traffic on your network, you are operating blindly.

This course discusses one of the top skills in cyber security: the ability to understand network traffic. Network traffic doesn't lie, and rootkits can't circumvent it. Attackers need to communicate, and it helps to know what they are saying. Our primary objective is to give you hands-on exposure to Wireshark and network traffic analysis, with the purpose of improving your security controls through greater network understanding and visibility.

 

Objectives

• Understand TCP/IP and application-level protocols
• Identify IP-specific traffic and content
• Filter identified suspect traffic on a network
• Create digital reports in HTML and other readable formats
• Be capable of using multiple packet analysis tools
• Effectively use Wireshark and other tools
• Filter and extract suspect traffic
• Decode traffic using nonstandard ports
• Decrypt encrypted traffic
• Extract and replay VoIP traffic

Audience

Prerequisite

IT Security Fundamentals or equivalent experience

Outline

• Understand TCP/IP and application-level protocols
• Effectively use Wireshark and other tools
• Identify IP-specific traffic and content
• Filter identified suspect traffic on a network
• Create digital reports in HTML and other readable formats
• Be capable of using multiple packet analysis tools
• Protocol Dissection
• Decrypting HTTPS data
• VoIP Traffic
• Cookie Extraction

Duration

12 Hours (2 Days)
