This course will teach you how to identify and analyze the most common types of reconnaissance, attack, lateral movement, exfiltration, and command and control traffic found in today’s networks. It covers a range of techniques, from deep packet analysis to statistical flow analysis to open-source research and more, using tools such as Wireshark, NetworkMiner and RSA NetWitness Investigator as well as custom tools and scripts developed by our networking experts. Growing in complexity throughout the week, the course ends with a team exercise where you and your teammates will investigate and report on an extensive, multi-stage intrusion.
Day 5 – Student Practical Demonstration
Using the tools, skills, and methodologies taught in Days 1 through 4 of the class, students will uncover and analyze a multi-part network intrusion. In the intrusion capture file, there will be at least 3 Application Layer attacks, 2 Advanced Communications Methods, and a hacker toolkit to discover. Students will have to prepare a report detailing the attack from start to finish, documenting what the hacker did and what information, if any, was leaked.