Course Code: 19022

Network Traffic Analysis Training

Class Dates:
5 Days
Class Time:
Instructor-Led Training, Virtual Instructor-Led Training


  • Course Overview
  • This course provides the student with the concepts, methodologies, and hands-on tools to analyze network traffic for the purposes of focused operations, cyber operations, intrusion detection, and incident response. Each student will be given an overview of how packet analysis applies to their cyber security position.

    You will learn to identify the most common causes of performance problems in TCP/IP communications, and you will develop a thorough understanding of how to spot the primary sources of network performance problems.

    You will also learn how to decode protocols and how to gather evidence of suspicious network traffic. You will become familiar with the many practical filters that identify malware-infected computers and several network attacks such as DoS attacks, DHCP/ARP spoofing, and DNS flooding.

  • Audience
  • Security Professionals
    Network Administrators


  • Topics you will cover in this course include:

    Traffic capturing techniques and analyzer placement
    Traffic filtering (capture/display)
    Customized profile creation
    Coloring rules, graphing, field interpretations, and functionality of key TCP/IP communications
    Normal behavior of ARP, DNS, IP, TCP, UDP, ICMP, and HTTP/HTTPS
    Latency issue identification

Course Details