Network Forensics
Offered By: LinkedIn Learning
Course Description
Overview
Get a comprehensive, but succinct, look at network forensics. Learn how to prepare for network forensics investigations, investigate network events, and examine network traffic.
Syllabus
Introduction
- Learning network forensics
- What you should know
- Goals of network forensics
- Tools
- Legal implications
- Current and future trends
- Anti-network forensics techniques
- Network forensics investigation hardware
- Network forensics investigation software
- Understanding computer networking
- Understanding networking devices
- Understanding network data sources
- Network logs
- Intrusion and security events
- Network logs as evidence
- Network logs and compliance
- Audit logs
- Firewall logs
- syslog
- syslog-ng
- Kiwi Syslog Server
- Microsoft Log Parser
- Fundamentals
- Network models
- Subnets, subnet ID, and subnet mask
- Protocol analysis
- ARP
- ARP poisoning
- DNS
- DNS poisoning
- tcpdump and WinDump
- tcpdump and WinDump hands-on
- Wireshark
- Wireshark hands-on
- HTTP proxies
- HTTP proxies hands-on
- Splunk
- Splunk hands-on
- Next steps
Taught by
Jungwoo Ryoo
Related Courses
Troubleshooting and Debugging TechniquesGoogle via Coursera Snort Intrusion Detection, Rule Writing, and PCAP Analysis
Udemy Wireshark
YouTube Working with tcpdump Filters
Coursera Project Network via Coursera Wireshark Crash Course
Skillshare