Network Forensic

(NET-FORENSIC.AW1) / ISBN : 978-1-64459-610-4
This course includes
Interactive Lessons
Gamified TestPrep
Hands-On Labs
AI Tutor (Add-on)
Get A Free Trial

About This Course

Skills You’ll Get

1

Introduction

2

Foundations of Network Forensics

  • Introduction
  • Structure
  • Objectives
  • Types of network forensics
  • Setting up the environment for analysis
  • Case study: Suspicious Web Server
  • Conclusion
  • Long questions
3

Protocols and Deep Packet Analysis

  • Introduction
  • Structure
  • The OSI model
  • The TCP/IP model
  • The Packet structure
  • Case study: Curious case of protocol misuse
  • Deep Packet Inspection
  • Case study: Investigating Distributed Denial of service attacks
  • Conclusion
  • Long questions
4

Flow Analysis versus Packet Analysis

  • Introduction
  • Structure
  • Statistical Flow analysis
  • Flow Record and FRP Systems
  • Uniflow and BitFlow
  • Types of Sensor deployment
  • Flow analysis
  • Conclusion
  • Long questions
5

Conducting Log Analysis

  • Introduction
  • Structure
  • Objectives
  • Investigating Remote Login attempts on SSH
  • Investigating Web Server Attacks with Splunk
  • Investigating Proxy Logs
  • Conclusion
  • Long questions
6

Wireless Forensics

  • Introduction
  • Structure
  • Objectives
  • Basics of Radio Frequency Monitoring
  • The 802.11 standard
  • Evidence types in wireless local area networking
  • Other wireless attacks and their analysis
  • Conclusion
  • Long questions
7

TLS Decryption and Visibility

  • Introduction
  • Structure
  • Objectives
  • Techniques to decrypt SSL/TLS communication
  • Examining SSL/TLS traffic using proxy
  • Conclusion
  • Long questions
8

Demystifying Covert Channels

  • Introduction
  • Structure
  • Objectives
  • Identifying covert communication using proxies
  • Using MitmProxy to decrypt Dropbox traffic
  • Using Dropbox API to gather attack details
  • Uncovering the attack pattern
  • Uncovering DNS misuse
  • Conclusion
  • Long questions
9

Analyzing Exploit Kits

  • Introduction
  • Structure
  • Objectives
  • How exploit kits work
  • Analysis of an exploit kit infection
  • Network forensics with Security Onion
  • Extracting malicious payload
  • Using Fakenet-Ng to simulate a network
  • Conclusion
  • Long questions
10

Automating Network Forensics

  • Introduction
  • Structure
  • Objectives
  • Parsing the Syslog format
  • IP reputation analysis
  • Writing dissectors for protocols in Lua
  • Conclusion
  • Long questions
11

Backtracking Malware

  • Introduction
  • Structure
  • Objectives
  • Investigating Cobalt Strike Encrypted traffic
  • Investigating TeamViewer and AnyDesk
  • Conclusion
  • Long questions
12

Investigating Ransomware Attacks

  • Introduction
  • Structure
  • Objectives
  • Analysis of WannaCry ransomware
  • Capturing ransomware keys for decryption
  • Analyzing GandCrab ransomware
  • Case Study: REVIL ransomware at a Bank
  • Conclusion
  • Long questions
13

Investigating Command and Control Systems

  • Introduction
  • Structure
  • Objectives
  • Investigating Metasploit Reverse Shell
  • Investigating Meterpreter Reverse Shell
  • Investigating Meterpreter Stageless Reverse Shell
  • Conclusion
  • Long questions
14

Investigating Attacks on Email Servers

  • Introduction
  • Objectives
  • Structure
  • Analysis of ProxyLogon attack
  • Investigating Email authentication logs
  • Conclusion
  • Long questions
15

Investigating Web Server Attacks

  • Introduction
  • Structure
  • Objectives
  • Web Server attack analysis
  • Conclusion
  • Long questions

1

Introduction

  • testing
2

Foundations of Network Forensics

  • Capturing Network Packets Using TCPDump
  • Performing Network Analysis Using Wireshark
3

Protocols and Deep Packet Analysis

  • Using tshark to Filter Data from a PCAP File
4

Flow Analysis versus Packet Analysis

  • Generating IPFIX from PCAP
  • Analyzing SiLK Flow Records
5

Conducting Log Analysis

  • Investigating SSH Logs
6

Wireless Forensics

7

TLS Decryption and Visibility

  • Capturing Browser Requests Using mitmproxy
8

Demystifying Covert Channels

  • Resolving IP Addresses for Network Analysis
  • Investigating DNS Misuse
9

Analyzing Exploit Kits

10

Automating Network Forensics

  • Performing IP Reputation Analysis
11

Backtracking Malware

  • Investing Cobalt Strike Encrypted traffic
  • Monitoring TeamViewer Sessions
  • Investigating AnyDesk Sessions
12

Investigating Ransomware Attacks

  • Analyzing the WannaCry Ransomware Attack
13

Investigating Command and Control Systems

  • Investigating Metasploit Reverse Shell
14

Investigating Attacks on Email Servers

  • Investigating ProxyLogon Attack
15

Investigating Web Server Attacks

Network Forensic

R 5053.09

Buy Now

Related Courses

All Course
scroll to top