Network Forensics

Offered By: LinkedIn Learning

Tags

Digital Forensics Courses, Cybersecurity Courses, Wireshark Courses, Splunk Courses, Log Analysis Courses, Intrusion Detection Courses, Network Administration Courses, Network Forensics Courses, tcpdump Courses

Course Description

Overview

Get a comprehensive, but succinct, look at network forensics. Learn how to prepare for network forensics investigations, investigate network events, and examine network traffic.

Syllabus

Introduction
  • Learning network forensics
  • What you should know
1. Understanding Network Forensics
  • Goals of network forensics
  • Tools
  • Legal implications
  • Current and future trends
  • Anti-network forensics techniques
2. Preparing for a Network Forensics Investigation
  • Network forensics investigation hardware
  • Network forensics investigation software
  • Understanding computer networking
  • Understanding networking devices
  • Understanding network data sources
3. Investigating Network Events
  • Network logs
  • Intrusion and security events
  • Network logs as evidence
  • Network logs and compliance
  • Audit logs
  • Firewall logs
  • syslog
  • syslog-ng
  • Kiwi Syslog Server
  • Microsoft Log Parser
4. Investigating Network Traffic
  • Fundamentals
  • Network models
  • Subnets, subnet ID, and subnet mask
  • Protocol analysis
  • ARP
  • ARP poisoning
  • DNS
  • DNS poisoning
5. Network Forensics Tools
  • tcpdump and WinDump
  • tcpdump and WinDump hands-on
  • Wireshark
  • Wireshark hands-on
  • HTTP proxies
  • HTTP proxies hands-on
  • Splunk
  • Splunk hands-on
Conclusion
  • Next steps

Taught by

Jungwoo Ryoo

Related Courses

  • Introduction to Internetworking with TCP/IP (openHPI)
  • Computer Networks and the Internet (Kiron via edX)
  • Introduction to TCP/IP (Yonsei University via Coursera)
  • Wireshark for Basic Network Security Analysis (Coursera Project Network via Coursera)
  • Web Services Analysis With Python & Wireshark (Coursera Project Network via Coursera)