Network Traffic Analysis will enable students to differentiate between normal and abnormal network traffic. The course focuses on research, filtering and comparative analysis to identify the different types of activity on a network and attribute their source. A subject matter expert will teach you security-related tactics, techniques and procedures for performing network analysis in today's ever-changing threat landscape. You'll learn to follow conversations through redirection as well as how to develop custom filters for non-dissected protocols. After attending this course, students will be able to home in on the key events in a traffic capture and reconstruct the event timeline.
Use summary and statistical data from packet captures to baseline networks, spot anomalies and drive analytic effort.
Navigate incisively through network traffic (including large traffic captures) and reconstruct activity using custom filtering and other tools.
Attribute network behavior by using Internet-based open source research.
Recognize and decode common encoding types.
Manually analyze non-dissected protocols.
Perform user attribution and profiling by means of HTTP header analytics.
The materials within this course focus on the Knowledge, Skills and Abilities (KSAs) identified within the Specialty Areas listed below.