This course gives students the concepts, methodologies, and hands-on tools to analyze network traffic for focused operations, cyber operations, pen testing, intrusion detection, and incident response. Each student will receive an overview of how packet analysis applies to their cyber security position. The course reviews the TCP/IP stack, including UDP, as it relates to architecture, and also covers how packet analysis can identify and create network-based attacks.
Students will learn how to use tcpdump and TShark, and will be given an overview of commercial tools used to conduct analysis.
Packet Analysis Overview
Application of packet analysis to Cyber Operations and Focused Operations
TCP/IP / UDP Stack Review
Other protocols / Codecs
Deploy and configure tcpdump
Analysis Methods using tcpdump
Deploy and configure TShark
Analysis Methods using TShark
System Tests and evaluations
Final Practical Exam/CAPSTONE Exercise
The materials within this course focus on the Knowledge, Skills, and Abilities (KSAs) identified within the Specialty Areas listed below.