Network & Host Analysis: Network Protocols


Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description

The ability to filter based on the protocols in use over a network gives a window into how it is used. Knowing what good and bad traffic looks like and identifying unencrypted traffic and potential avenues for security compromise is essential. In this course, you'll apply various filters to network traffic using Wireshark and explore factors to look out for based on the protocol being examined.

You'll learn to filter DHCP and DNS traffic. You'll differentiate between TCP, UDP, ICMP, and ARP traffic. You'll watch insecure protocols like POP, IMAP, Telnet, and FTP. You'll examine what can be discovered by looking at secure traffic over SSH and HTTPS and secure POP and IMAP variants. Finally, you'll examine IPv6 packets.



Expected Duration (hours)
1.0

Lesson Objectives

Network & Host Analysis: Network Protocols

  • discover the key concepts covered in this course
  • apply DNS filters and examine DNS queries in Wireshark
  • apply generic TCP filters by port and address in Wireshark
  • apply generic UDP filters by port and address in Wireshark
  • capture ICMP traffic using Wireshark
  • capture and examine HTTP traffic using Wireshark
  • inspect SSH traffic using Wireshark
  • extract data from FTP traffic using Wireshark
  • apply email protocol filters for POP, IMAP, and SMTP using Wireshark
  • capture ARP traffic using Wireshark
  • capture DHCP traffic using Wireshark
  • monitor a Telnet session using Wireshark
  • capture only IPv6-based traffic in Wireshark
  • summarize the key concepts covered in this course

    • Course Number:
    it_cynthadj_02_enus

    Expertise Level
    Intermediate