YoVDO

Network Forensics

Offered By: LinkedIn Learning

Course Description

Overview

Get a comprehensive, but succinct, look at network forensics. Learn how to prepare for network forensics investigations, investigate network events, and examine network traffic.

Syllabus

Introduction
  • Learning network forensics
  • What you should know
1. Understanding Network Forensics
  • Goals of network forensics
  • Tools
  • Legal implications
  • Current and future trends
  • Anti-network forensics techniques
2. Preparing for a Network Forensics Investigation
  • Network forensics investigation hardware
  • Network forensics investigation software
  • Understanding computer networking
  • Understanding networking devices
  • Understanding network data sources
3. Investigating Network Events
  • Network logs
  • Intrusion and security events
  • Network logs as evidence
  • Network logs and compliance
  • Audit logs
  • Firewall logs
  • syslog
  • syslog-ng
  • Kiwi Syslog Server
  • Microsoft Log Parser
4. Investigating Network Traffic
  • Fundamentals
  • Network models
  • Subnets, subnet ID, and subnet mask
  • Protocol analysis
  • ARP
  • ARP poisoning
  • DNS
  • DNS poisoning
5. Network Forensics Tools
  • tcpdump and WinDump
  • tcpdump and WinDump hands-on
  • Wireshark
  • Wireshark hands-on
  • HTTP proxies
  • HTTP proxies hands-on
  • Splunk
  • Splunk hands-on
Conclusion
  • Next steps

Taught by

Jungwoo Ryoo
