This 4-day instructor-led training course shows learners how to use Wireshark 2.0 to view, capture, analyze, and troubleshoot network traffic. Emphasis is placed on a hands-on lab-based approach where learners use Wireshark on a live network. The course is vendor-agnostic and is not specific to any single model or brand of networking gear like Cisco, Juniper, Intel, or HP. The course covers protocol analysis and troubleshooting across all vendors and types of network infrastructure.
In this class, students will understand how to:
- Understand key network protocols in today’s enterprise wired and wireless networks. Analyzed protocols include: HTTP, TCP, UDP, IP, DHCP, DNS, ICMP, Ethernet, IEEE 802.11, Bluetooth, ZigBee, and ZigBee IP.
- View and analyze network traffic.
- Capture and filter network traffic.
- Analyze previously captured network traffic.
- Develop reusable profiles for analyzing and troubleshooting network traffic.
- Interpret the Wireshark 2.0 graphs and statistical reports.
- Identify and troubleshoot common network problems.
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.