TCP/IP Troubleshooting with Wireshark from Global Knowledge

Classroom
Online, Instructor-Led

In this hands—on course, you will receive in—depth training on Wireshark® and TCP/IP communications analysis. You will learn to use Wireshark to identify the most common causes of performance problems in TCP/IP communications. You will develop a thorough understanding of how to use Wireshark efficiently to spot the primary sources of network performance problems, and you will prepare for the latest Wireshark certification exam.

Topics you will cover in this course include:
• Traffic capturing techniques and analyzer placement
• Traffic filtering (capture/display)
• Customized profiles creation
• Coloring rules, graphing, field interpretations, and functionality of key TCP/IP communications
• Normal behavior of ARP, DNS, IP, TCP, UDP, ICMP, and HTTP/HTTPS
• Latency issue identification
• Connection establishment concerns
• Service refusals
• Common indications of reconnaissance processes and breached hosts

This course includes the official Wireshark study guide to help you prepare for the Wireshark Certified Network Analyst certification exam.

Please bring your own laptop loaded with Wireshark to class. You may download Wireshark for free at www.wireshark.org.

Learning Objectives

Top 10 reasons for network performance complaints
Place the analyzer properly for traffic capture on a variety of network types
Capture packets on wired and wireless networks
Configure Wireshark for best performance and non—intrusive analysis
Navigate through, split, and work with large traffic files
Use time values to identify network performance problems
Create statistical charts and graphs to pinpoint performance issues
Filter out traffic for more efficient troubleshooting and analysis
Customize Wireshark coloring to focus on network problems faster
Use Wireshark’s Expert System to understand various traffic problems
Use the TCP/IP Resolution Flowchart to identify possible communication faults
Analyze normal/abnormal Domain Name System (DNS) traffic
Analyze normal/abnormal Address Resolution Protocol (ARP) traffic
Analyze normal/abnormal Internet Protocol v4 (IPv4) traffic
Analyze normal/abnormal Internet Control Messaging Protocol (ICMP) traffic
Analyze normal/abnormal User Datagram Protocol (UDP) traffic
Analyze normal/abnormal Transmission Control Protocol (TCP) traffic
Analyze normal/abnormal Hypertext Transport Protocol (HTTP/HTTPS) traffic

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

Cyber Defense Analysis
Cyber Defense Infrastructure Support
Exploitation Analysis
Vulnerability Assessment and Management

Course Location Map

Your Location
Providers
Courses
Course and Provider Quantity

Overall Proficiency Level

2 - Intermediate

Course Catalog Number

9879

Course Prerequisites

Recommended:

TCP/IP Networking

Training Purpose

Functional Development

Skill Development

Specific Audience

All

Delivery Method

Classroom

Online, Instructor-Led

Course Location

9000 Regency Parkway
Cary, NC 27518

More courses from this provider:

Global Knowledge

Contact Information

Global Knowledge
9000 Regency Parkway
Cary, NC 27518

Visit course page for more information on TCP/IP Troubleshooting with Wireshark

Feedback

If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.