Uncover system intrusions by identifying malicious network activity.
There are a tremendous amount of network-based attacks taking place and that number is increasing rapidly. You can't defend against these lethal network attacks if you don't know about them or if you've never seen they look like at the packet level. This course teaches you how to analyze, detect, and understand all the network-based attacks that we could find being used today in modern network warfare.
From layer two attacks against network devices through complex botnets and specific application vulnerabilities, this class will give you a glimpse of what these attacks looks like. We even show you how to detect attacks using Flow Analysis if you don't have network packets to perform an analysis or if you only have statistical information at your disposal. We'll use the popular protocol analyzer “Wireshark” and session analysis tool “Netwitness” alongside custom tools developed by Focal Point networking experts to show you how to detect these network attacks and be prepared to handle them.
Using the tools, skills, and methodologies taught in Days 1 through 4 of the class, on Day 5, students will uncover and analyze a multi-part network intrusion. In the intrusion capture file, there will be at least 3 Application Layer attacks, 2 Advanced Communications Methods, and a hacker toolkit to discover. Students will have to prepare a report detailing the attack from start to finish, documenting what things the hacker did and what information was leaked, if any.
Before taking this course, students should have:
5 Days/Lecture & Lab
This course is designed for: