• Online, Self-Paced
Course Description

In this course, you'll learn how to extract files from a TCP stream from a PCAP file using Wireshark. Next, you'll explore how to identify intrusion elements from a given pcap file using Wireshark. You'll learn how to interpret common artifacts from events for an alert using the Cisco FMC. Finally, you'll examine how to use basic regular expressions with grep and the Cisco CLI. This course is one of a collection that prepares learners for the 200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.

Learning Objectives

{"identify methods used in Wireshark to decrypt traffic","recognize the steps to export objects from a Wireshark capture"}

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Operational Planning
  • Cyber Operations
  • Cybersecurity Management
  • Executive Cyber Leadership
  • Network Services
  • Threat Analysis