Focal Point - Network Forensics and Investigation II
New - Learn how to use advanced features, apply threat intelligence, and identify and investigate more complex or hard-to-detect intrusions.
A tremendous number of network-based attacks occur every day, and that number is increasing rapidly. Defending against these attacks requires understanding them at the packet level. This course teaches you how to analyze, detect, and understand the network-based attacks that have become pervasive on today’s Internet.
Building on the skills developed in the Network Forensics and Investigation course, students will learn how to use advanced features in tools such as Elastic, Wireshark, Zeek and Suricata, how to apply threat intelligence to enrich analysis and direct response actions, and how to identify and investigate more complex or hard-to-detect intrusions. This course covers malicious actions across the attacker lifecycle, from initial reconnaissance and access through to activities such as data exfiltration and command-and-control traffic attributed to botnets or APTs.