ANSAW – Advanced Network/Security Analysis with – Knowledge Club



Mandy Jackson


CISCO Network Analyse&Monitoring WireShark


The Course Name: ANSAW - Advanced Network/Security Analysis with WireShark


The Duration: 5 Days


The Overview:


The purpose of this course is to teach participants how to perform advanced-level network and security analysis using Wireshark solutions.


What You Will Learn:

  • How to use advanced Network Analysis methodologies
  • How to use open-source Network Analysis Tools
  • How to troubleshoot network issues               
  • Security threat recognition       

The Course Index:


1 Advanced Network Analysis methodologies

1.1. The expert system window and how to use it for network troubleshooting                                                       

1.2. Error events

1.3. Warning events

1.4. Note events

2 Open-Source Network Analysis Tools                              

2.1. Tcpdump

2.2. Windump

2.3. Tshark

2.4. Capinfos                                                                         

2.5. Rawshark                                                                       

2.6. Editcap                                                                            

2.7. Mergecap                                                                       

2.8. Text2Pcap                                                                         

2.9. Reordercap

3 Troubleshooting network issues

3.1. Troubleshooting slow Internet and network latencies

3.2. Troubleshooting bottleneck issues

3.3. Discovering broadcast and error storms

3.4. Analyzing spanning tree problems

3.5. Analyzing VLAN tagging issues

3.6. ICMP(v4/v6) troubleshooting

3.7. Analyzing IP fragmentation failures

3.8. Troubleshooting application-based issues

       3.8.1. Troubleshooting DNS performance

       3.8.2. Analyzing DNSSEC

       3.8.3. Analyzing problems in the NetBIOS/SMB protocols

       3.8.4. Analyzing POP, IMAP, and SMTP problems

       3.8.5. Analyzing FTP problems

       3.8.6. Analyzing HTTP problems

       3.8.7. Wireshark functions for analyzing HTTPS traffic

       3.8.8. Wireshark features for RTP stream analysis and filtering

       3.8.9. Wireshark feature for VoIP call replay

3.9. Wireless radio issues, analysis, and troubleshooting

       3.9.1. Zero wireless connectivity

       3.9.2. Poor or intermittent wireless connectivity

4 Security threat recognition

4.1. Methodology of attack                                                           

4.2. Common network attacks

       4.2.1. Spoofing

       4.2.2. DoS and DDoS

       4.2.3. Botnet

4.3. Discovering unusual traffic patterns                                

4.4. Discovering MAC-based attacks                                          

4.5. ARP attacks and mitigations

       4.5.1. ARP poisoning and man-in-the-middle attacks

       4.5.2. Gratuitous ARP

       4.5.3. ARP sweep-based DoS attacks

4.6. Analyzing half-open scan

4.7. ICMP attacks and mitigations

       4.7.1. Ping sweep attack

       4.7.2. Discovering ICMP scans

       4.7.3. ICMP flood attack

       4.7.4. ICMP smurf attack

4.8. IP TTL failures and attacks

4.9. Discovering DoS and DDoS attacks

4.10.  Discovering smart TCP attacks

4.11.  Analyzing brute force attacks

4.12.  Case study 1. Remote access

4.13.  Case Study 2. Image

4.14.  Case Study 3. VoIP


Price : Free

Max Availability : 20
