  • Classroom
  • Online, Instructor-Led
Course Description

This 4-day instructor-led training course shows learners how to use Wireshark 2.0 to view, capture, analyze, and troubleshoot network traffic. Emphasis is placed on a hands-on lab-based approach where learners use Wireshark on a live network. The course is vendor-agnostic and is not specific to any single model or brand of networking gear like Cisco, Juniper, Intel, or HP. The course covers protocol analysis and troubleshooting across all vendors and types of network infrastructure.

Learning Objectives

In this class, students will learn how to:

  • Understand key network protocols in today's enterprise wired and wireless networks. Analyzed protocols include: HTTP, TCP, UDP, IP, DHCP, DNS, ICMP, Ethernet, IEEE 802.11, Bluetooth, ZigBee, and ZigBee IP.
  • View and analyze network traffic.
  • Capture and filter network traffic.
  • Analyze previously captured network traffic.
  • Develop reusable profiles for analyzing and troubleshooting network traffic.
  • Interpret the Wireshark 2.0 graphs and statistical reports.
  • Identify and troubleshoot common network problems.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Defense Infrastructure Support
  • Systems Architecture
  • Systems Requirements Planning

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.