This course will prepare students for the collection and interpretation of information from network traffic, network devices, servers and operating systems. The network traffic section will cover methods of collecting and analyzing network traffic, including TCP/IP structure and higher-level protocols. The network device section will focus on dealing with network devices such as routers, switches and firewalls. The incident response section of this course will cover both technical and procedural approaches and processes for dealing with information technology security incidents.
Learning Objectives
- Conduct analysis of captured network traffic
- Investigate and report on a computer security incident
- Preserve and analyze log files from a range of network devices
- Develop and evaluate methods of incident response and network activity investigation
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Network Services
- Cyber Defense Analysis
- Cyber Defense Infrastructure Support
- Incident Response
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.