BONUS! Cyber Phoenix Subscription Included: All Phoenix TS students receive complimentary ninety (90) day access to the Cyber Phoenix learning platform, which hosts hundreds of expert asynchronous training courses in Cybersecurity, IT, Soft Skills, and Management and more!
Course Overview
This 5-day instructor-led course offers a hands-on continuation of PCAP analysis, designed for cybersecurity professionals, network administrators, and IT security analysts who have completed the first course. Participants will explore the foundations of intrusion analysis, including network traffic analysis on Windows and Linux, low-level protocol analysis, and mastering tcpdump. Through practical lab exercises, students will investigate email conversations, apply DNS traffic analysis, and understand advanced PCAP manipulation techniques. By the end of this immersive training, participants will be proficient in advanced network traffic analysis and prepared to tackle sophisticated cybersecurity challenges. At the completion of this course, participants will be able to:
- Perform intrusion analysis of network traffic on Windows and Linux systems.
- Conduct low-level protocol analysis.
- Master the use of tcpdump for packet capture and analysis.
- Investigate and analyze email conversations for security threats.
- Apply DNS traffic analysis techniques.
- Understand and manipulate PCAP files using advanced techniques.
- Detect and analyze sophisticated cyber threats.
Schedule
Currently, there are no public classes scheduled. Please contact a Phoenix TS Training Consultant to discuss hosting a private class at 301-258-8200.
Course Outline
Module 1: Intrusion Analysis of Network Traffic
- Introduction to Intrusion Analysis
- Overview and importance
- Tools and methodologies
- Analyzing Network Traffic on Windows
- Techniques and tools specific to Windows systems
- Analyzing Network Traffic on Linux
- Techniques and tools specific to Linux systems
Module 2: Low-Level Protocol Analysis
- Understanding Low-Level Protocols
- Detailed examination of protocols at the packet level
- Practical Analysis Exercises
- Hands-on labs for analyzing low-level protocols
Module 3: Mastering tcpdump
- Introduction to tcpdump
- Basics and advanced usage
- Advanced tcpdump Techniques
- Practical lab exercises
Module 4: Investigating Email Conversations
- Email Analysis Fundamentals
- Techniques for investigating email traffic
- Practical Investigation Exercises
- Hands-on labs for analyzing email conversations
Module 5: Applying DNS Traffic Analysis
- Introduction to DNS Analysis
- Importance and techniques
- Practical DNS Analysis Exercises
- Hands-on labs for analyzing DNS traffic
Module 6: Foundations of PCAP Manipulation
- PCAP File Basics
- Understanding and handling PCAP files
- Introduction to Manipulation Techniques
- Tools and methodologies
Module 7: Advanced PCAP Techniques
- Advanced Manipulation Techniques
- Sophisticated methods for manipulating PCAP files
- Practical Advanced Exercises
- Hands-on labs for advanced PCAP manipulation
Conclusion
- Review and summary of key concepts
- Final assessment and practical exam
- Q&A and further resources for continued learning
Prerequisites
Participants should have:
- Completed the first PCAP analysis course or possess a solid understanding of basic PCAP analysis and TCP/IP concepts.
- Familiarity with network protocols and packet-level communications.
- Prior exposure to cybersecurity principles and practices.
BONUS! Cyber Phoenix Subscription Included: All Phoenix TS students receive complimentary ninety (90) day access to the Cyber Phoenix learning platform, which hosts hundreds of expert asynchronous training courses in Cybersecurity, IT, Soft Skills, and Management and more!
Phoenix TS is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints re-garding registered sponsors may be submitted to the National Registry of CPE Sponsors through its web site: www.nasbaregistry.org
