NETWORK FORENSICS / BT211
SCENARIOS: FIVE | LABS: ELEVEN | HANDS-ON: 90% | DURATION: 40
Network forensics training is about the analysis of network traffic to identify intrusions or anomalous activity. Compared to computer forensics, where evidence is usually preserved on disk, network data is more volatile and unpredictable and therefore requires a different approach. This course lays the groundwork for understanding networks and the process of investigating them.
Working with Tshark
Network File Carving
Network Files Carving from Memory
Decrypting Encrypted Traffic
Working with Zeek
VoIP Traffic Analysis
Automation with Sysmon
Building Network Security Tools
One of the biggest web-hosting companies suffered a massive data leak after attackers spotted a security flaw in one of the documents. The network manager requires your assistance to record and analyze the ongoing events to discover the source of the breach.
Recently, a group of hackers managed to trick a group of private firms into sending them a vast amount of money by faking an investment website. The firms were sure that they were investing in start-ups while, in reality, they were sending money to the attackers. The SOC team managed to capture the data transmitted between the groups. Your job is to analyze the network traffic and find the hackers.
Recently, a notorious trojan managed to spread to new victims connected to nearby Wi-Fi networks by using already infected devices. A cybersecurity firm managed to spot a new spreading attempt and is requesting your help to analyze the network and trace the source of the infection.
A network of compromised Linux servers has grown so powerful that it can blow big websites off the Internet by launching crippling DDoS attacks of over 150 gigabits per second (Gbps). Your mission is to investigate the DDoS process and find a way to block it.
A research team at a network management company spotted suspicious traffic on its networks that seems to be delivering files from the network to an unknown host. The research team has recorded the suspicious traffic and is asking for your help to analyze it and report your findings back to them.