There are a tremendous number of network-based attacks to be aware of on the Internet today and the number is only increasing. You can't defend against these attacks if you don't know what they look like at the packet level. This course teaches you how to analyze, detect and understand many types of network-based attacks being used today in network warfare. From layer two attacks against network devices through complex botnets and specific application vulnerabilities this class will fulfill your desire to see what these attacks look like. We even show you how to detect attacks using Flow Analysis if you don't have network packets to an analyze or you only have statistical information at your disposal. We'll use the popular protocol analyzer Wireshark and session analysis tool NetWitness Investigator alongside custom tools developed by Focal Point Academy networking experts to show you how to detect these network attacks and be prepared to handle them.
Understand current networking trends in malware and web-based attacks.
Apply traffic analysis techniques to identify network reconnaissance and IDS/IPS evasion.
Isolate common and sophisticated network attacks at OSI layers 2-7, ranging from ARP poisoning/flooding through to cross-site scripting, drive-by downloads and more.
Identify anomalous communications channels including botnet activity and advanced tunneling methods.
Perform advanced analysis to correlate activity and identify the full scope of malicious behavior from initial recon to intended effects.
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.