This course will prepare students for the collection and interpretation of information from network traffic, network devices, servers and operating systems. The network traffic section will cover methods of collecting and analyzing network traffic, including TCP/IP structure and higher-level protocols. The network device section will focus on dealing with network devices such as routers, switches and firewalls. The incident response section of this course will cover both technical and procedural approaches and processes for dealing with information technology security incidents.
Conduct analysis of captured network traffic
Investigate and report on a computer security incident
Preserve and analyze log files from a range of network devices
Develop and evaluate methods of incident response and network activity investigation
The materials within this course focus on the Knowledge, Skills, and Abilities (KSAs) identified within the Specialty Areas listed below.