Protocol Analysis Training

Training Formats:      Instructor-Led, Self-Paced

Duration:        3 Days

Protocol Analysis Labs develop skills required to use a network protocol analyzer to examine network traffic, discover malicious activity, and report their findings.

Activities/Labs:

• Lab Environment Orientation
• Additional Scanning Options
• Analysis and Recommendation Report
• Analyze Various Data Sources to Confirm Suspected Infection
• Applying Filters to TCPDump and Wireshark
• Comprehensive Threat Response
• Detect the Introduction of a Malicious Application
• Gap Analysis of Firewall Rules
• Identify Whether High-Risk Systems Were Affected
• Log Correlation and Analysis
• Manual Vulnerability Assessment
• Manually Creating a Baseline with MD5Deep
• Monitoring and Verifying Management Systems
• Monitoring for False Positives
• Monitoring Network Traffic
• Network Discovery
• Network Segmentation (FW/DMZ/WAN/LAN)
• Network Topology Generation
• Parse Files Out of Network Traffic
• Preliminary Scanning
• Report writing for presentation to management
• Using Snort and Wireshark to Analyze Traffic
• Vulnerability Analysis/Protection