YoVDO

Network Forensics

Offered By: LinkedIn Learning

Tags

Digital Forensics Courses Cybersecurity Courses Wireshark Courses Splunk Courses Log Analysis Courses Intrusion Detection Courses Network Administration Courses Network Forensics Courses tcpdump Courses

Course Description

Overview

Get a comprehensive, but succinct, look at network forensics. Learn how to prepare for network forensics investigations, investigate network events, and examine network traffic.

Syllabus

Introduction
  • Learning network forensics
  • What you should know
1. Understanding Network Forensics
  • Goals of network forensics
  • Tools
  • Legal implications
  • Current and future trends
  • Anti-network forensics techniques
2. Preparing for a Network Forensics Investigation
  • Network forensics investigation hardware
  • Network forensics investigation software
  • Understanding computer networking
  • Understanding networking devices
  • Understanding network data sources
3. Investigating Network Events
  • Network logs
  • Intrusion and security events
  • Network logs as evidence
  • Network logs and compliance
  • Audit logs
  • Firewall logs
  • syslog
  • syslog-ng
  • Kiwi Syslog Server
  • Microsoft Log Parser
4. Investigating Network Traffic
  • Fundamentals
  • Network models
  • Subnets, subnet ID, and subnet mask
  • Protocol analysis
  • ARP
  • ARP poisoning
  • DNS
  • DNS poisoning
5. Network Forensics Tools
  • tcpdump and WinDump
  • tcpdump and WinDump hands-on
  • Wireshark
  • Wireshark hands-on
  • HTTP proxies
  • HTTP proxies hands-on
  • Splunk
  • Splunk hands-on
Conclusion
  • Next steps

Taught by

Jungwoo Ryoo

Related Courses

Troubleshooting and Debugging Techniques
Google via Coursera
Snort Intrusion Detection, Rule Writing, and PCAP Analysis
Udemy
Wireshark
YouTube
Working with tcpdump Filters
Coursera Project Network via Coursera
Wireshark Crash Course
Skillshare