• Online, Self-Paced
Course Description

The ability to filter based on the protocols in use over a network gives a window into how it is used. Knowing what good and bad traffic looks like and identifying unencrypted traffic and potential avenues for security compromise is essential. In this course, you'll apply various filters to network traffic using Wireshark and explore factors to look out for based on the protocol being examined.

You'll learn to filter DHCP and DNS traffic. You'll differentiate between TCP, UDP, ICMP, and ARP traffic. You'll watch insecure protocols like POP, IMAP, Telnet, and FTP. You'll examine what can be discovered by looking at secure traffic over SSH and HTTPS and secure POP and IMAP variants. Finally, you'll examine IPv6 packets.

Learning Objectives

{"discover the key concepts covered in this course"}

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • All-Source Analysis
  • Cyber Operations
  • Cyber Defense Analysis
  • Cybersecurity Management
  • Executive Cyber Leadership
  • Systems Analysis
  • Threat Analysis