This course will prepare students for the collection and interpretation of information from network traffic, network devices, servers and operating systems. The network traffic section will cover methods of collecting and analyzing network traffic, including TCP/IP structure and higher-level protocols. The network device section will focus on dealing with network devices such as routers, switches and firewalls. The incident response section of this course will cover both technical and procedural approaches and processes for dealing with information technology security incidents.
- Conduct analysis of captured network traffic
- Investigate and report on a computer security incident
- Preserve and analyze log files from a range of network devices
- Develop and evaluate methods of incident response and network activity investigation