• Classroom
  • Online, Self-Paced
Course Description

Successful completion of this exam will demonstrate a candidate's ability to detect and analyze various network packets and associated flags. Following or tracing various protocol streams to determine various attacks will be demonstrated. The candidate will demonstrate the ability to reconstruct files for analysis and recreation of different attack scenarios.

Learning Objectives

Successful completion of this exam will demonstrate the candidate's ability to understand signature basics, what functions signatures serve, header values, how to Identifying possible signature components, and choosing a signature. The candidate shall understand the aspects of real time streaming protocols and forensic file reconstruction.

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.