Network Security – Network Forensics & Attack Management


Tracks:

After Event Workshops
cyber

Seminar Categories:

After Event Cyber
After Event Workshops
Cyber

Course ID:

43769

Date:

14.07.2020

Time:

Daily seminar
9:00-16:30


Overview

Network forensics is the analysis of network traffic to identify intrusions or anomalous activity. Compared to computer forensics, where evidence is usually preserved on disk, network data is more volatile and unpredictable, and therefore requires a different approach. This course lays the groundwork for understanding networks and the process of investigating them. Students will master the fundamentals of conducting forensic analysis in a network environment. The course incorporates demonstrations and lab exercises to reinforce hands-on capabilities.

Who Should Attend

The course targets participants with basic knowledge of IT or networking who wish to gain a deeper understanding of cyber investigations and the forensic process. Primarily:

  • Law enforcement officers & intelligence corps
  • Incident responders
  • Computer investigators
  • IT/network administrators
  • IT security personnel
  • Junior cyber forensics analysts

Prerequisites

  • Basic knowledge of the PC environment
  • Basic knowledge of IT and networking
  • Participants should be familiar with the following concepts:
    • Computer components
    • Operating Systems
    • OSI model

Course Contents

  • Network-based firewalls
    • Packet filter
    • Proxy
    • Common IDS
  • Wireshark GUI and CLI
    • Acquaintance with Wireshark
    • Statistics
    • TCP stream
  • PCAP file manipulation
  • Packet structure and analysis
  • Internet traffic analysis
  • Network forensics investigation process
  • MiTM attack
    • Methods
    • Different uses
    • Common MiTM tools
  • Writing a professional forensics report
  • Wireshark
    • SMB
    • HTTP
  • Network Miner
  • Bro – using Bro for network carving
  • Foremost
  • Defining log data
  • Log analysis process
    • Generating logs
    • Collecting logs
    • Normalizing logs
    • Filtering logs
  • Log sources
    • IDS
    • Firewalls/IPS
    • Network bandwidth
    • Applications
  • Log analysis tools
  • Common string manipulation


DevGeekWeek 2020




