Advanced Network Forensics

About the course

Instructor-led learning that covers the skills required to conduct advanced network investigations. Candidates will understand the anatomy of an attack and the methods that can be used to identify a breach.

What Will You Learn?

  • How to analyse different sources of evidence and how they can aid a network investigation
  • The importance of proper processes required when conducting a forensic investigation
  • How to identify and follow an attack through analysis of network evidence

Who Should Attend?

Security consultants and investigators looking to expand their capability to conduct in-depth network analysis.
Typical candidates include:

  • Forensic Analysts
  • Incident Responders
  • Security Analysts
  • Threat Hunters

Recommended Prerequisites

This course assumes candidates are familiar with the concepts of a breach and the anatomy of an attack. It is recommended that candidates have experience conducting digital forensic assessments.
All students are required to be comfortable with whatever OS they choose to use for analysis and with command line interfaces.

Syllabus

Conducting an Investigation

  • Record Keeping
  • Incident Response Plans

PCAP Analysis

  • Data Carving
  • Identifying malicious traffic
  • Lateral Movement
  • Statistical Analysis

Data Sources

  • Understanding log sources
  • Following an attack

C&C Communication

  • Beaconing
  • Data Exfiltration

Intrusion Detection

  • IDS rules
  • IDS analysis

Encryption

  • Identifying encrypted traffic
  • Decrypting encrypted traffic

Enquire

Start date: No fixed date
Location / delivery: United Kingdom
