EXNF

Network Forensics

Advanced incident response & investigation in a network environment is a course for upskilling and improving Incident response, investigation, and forensics skills in a network environment. It is just the right one for experienced cyber security and IT teams.

40 Hours

Cloud Environment

Instructor Led

Virtual Labs & Simulation

Improve student capabilities, skills, and knowledge regarding cyber security investigations and networks forensics. Students will experience "Cutting edge" methods, procedures, technology, and tools, that should be executed during investigation and will lead to an efficient, more accurate and beneficial investigation
WHO IS IT FOR
SOC IR & Forensics Teams
Law Enforcement Experts
Cyber Practitioners
Network Defenders
IT Network Engineers
STEM Master's Students
GOALS
Become familiar with procedures, processes, and workflows.
Find, collect, and perform Forensics Investigation
Extract forensic artifacts from network communications (i.e. packet captures) as part of an incident response investigation.
Become familiar with the forensic aspects of common network protocols (i.e. SSL/TLS stripping)
Become familiar with TTPs (tools, techniques and procedures) relevant to network investigations (i.e. leveraging Wireshark functionalities)
Requirements
A few years' experience in IT \ cyber
  • The proxy in the middle
  • Network Analysis
  • Network Evidence
  • Observe the whole picture
  • HTTP Forensics
  • Domain Name Services
  • Network Security Monitoring
  • Logging Protocols and Aggregation
  • NetFlow Introduction
  • NetFlow Analysis
  • Simple Mail Transfer Protocol (SMTP)
  • Network Miner
  • Wireless Network Analysis
  • Evil Twin Attack
  • Automated Tools
  • Arkime
  • Encoding, Encryption, and SSL
  • MITM Attack
  • Reverse Network Protocols
  • Cyber Threat Intelligence (CTI)

22 Hours of hands-on activities

Total amount of practical experience during this course.

Contact Us