Network Forensics Analysis using Wireshark


Networking personnel who need to acquire a foundation in network forensics technology, terminology, common networking protocols, and the use of open-source network and forensic analysis tools and methodologies. Successful completion of this course will provide these individuals with a pathway into the field of both network and forensics analysis.

Course Description

Network Forensics Analysis encompasses not only the skill of capturing
suspicious data, but also the ability to discern unusual patterns hidden within
seemingly normal network traffic. This course will provide the student with a
set of investigative techniques focusing on the use of vendor-neutral, open-source
tools to provide insight into the following areas:

  • Forensics Analysis fundamentals and data-mining
  • Open-Source Network Forensics Tools
  • Network security principles including encryption technologies and
    defensive configurations of network infrastructure devices
  • Security threat recognition for a variety of network attack and exploit
    scenarios, including network reconnaissance techniques, intrusion and exploit
    methodologies, and botnet threat recognition, as well as common user protocol
    vulnerabilities, including many IP-related protocols such as IPv4/v6, TCP,
    DNS/DNSSEC, ARP, and ICMPv4/v6, and an introduction to Voice / Video over IP and
    Wireless Networking technologies
  • Specialized Network Forensics Analysis techniques including suspicious
    data traffic reconstruction and viewing techniques.


5 days Classroom Instruction

Start/End Times



Completion of Wireshark 1 and Wireshark 2