Learn Wireshark

(UOP-CYB227.AJ1)

Skills You’ll Get

1

Traffic Capture Overview

  • Reviewing packet analysis
  • Recognizing who benefits from using packet analysis
  • Identifying where to use packet analysis
  • Outlining when to use packet analysis
  • Getting to know Wireshark
  • Discovering the beginnings of today's Wireshark
  • Examining the Wireshark interface
  • Understanding the phases of packet analysis
  • Using command-line tools
  • Discovering support for different OS
  • Comparing different capture engines
  • Performing a standard Windows installation
  • Reviewing the resources available at Wireshark.org
  • Understanding the Wireshark welcome screen
  • Exploring the File menu
  • Discovering the Edit menu
  • Exploring the View menu
2

Getting Started with Wireshark

  • Reviewing the network architecture
  • Learning various capture methods
  • Tapping into the stream
  • Realizing the importance of baselining
  • Personalizing the layout and general appearance
  • Creating a tailored configuration profile
  • Adjusting columns, font, and colors
  • Adding comments
  • Modifying complex expressions
  • Filtering network traffic
  • Comprehending display filters
  • Creating capture filters
  • Understanding the expression builder
  • Discovering shortcuts and handy filters
  • Comprehending the OSI model
  • Discovering the purpose, protocols, and PDUs
  • Exploring the encapsulation process
  • Demonstrating frame formation in Wireshark
3

The Internet Suite TCP/IP Part I: Decoding, Managing and Analyzing

  • Reviewing the purpose of the transport layer
  • Describing TCP
  • Examining the eleven-field TCP header
  • Understanding UDP
  • Discovering the four-field UDP header
  • Dissecting the three-way handshake
  • Learning TCP options
  • Understanding TCP protocol preferences
  • Tearing down a connection
4

The Internet Suite TCP/IP Part II: Exploring, Discovering and Understanding

  • Understanding the purpose of the IP
  • Outlining IPv4
  • Exploring IPv6
  • Editing protocol preferences
  • Discovering tunneling protocols
  • Understanding the purpose of ICMP
  • Dissecting ICMPv4 and ICMPv6
  • Sending ICMP messages
  • Evaluating type and code values
  • Configuring firewall rules
  • Understanding the role and purpose of ARP
  • Exploring ARP headers and fields
  • Examining different types of ARP
  • Analyzing ARP attacks
5

Working with Packet Captures

  • Analyzing latency issues
  • Understanding the coloring rules
  • Exploring the Intelligent Scrollbar
  • Discovering the expert system
  • Discovering ways to subset traffic
  • Understanding options to save a file
  • Recognizing ways to export components
  • Identifying why and how to add comments
  • Diving into an overview of CS
  • Sharing captures in CS
  • Outlining the various filters and graphs
  • Evaluating the different analysis tools
  • Discovering where to find sample captures

1

Traffic Capture Overview

  • Using Packets to Build a Picture of a Network
  • Capturing and Classifying Background Traffic
  • Opening a Network Monitor .cap File
2

Getting Started with Wireshark

  • Capturing File Sets
  • Using a Ring Buffer to Conserve Drive Space
  • Adding the HTTP Host Field as a Column
  • Creating, Saving, and Applying a DNS Capture Filter
3

The Internet Suite TCP/IP Part I: Decoding, Managing and Analyzing

  • Using a Default Filter as a Seed for a New Filter
  • Locating TCP Connection Attempts to a Client
  • Exporting a Single TCP Conversation
4

The Internet Suite TCP/IP Part II: Exploring, Discovering and Understanding

  • Filtering HTTP Traffic the Right Way
  • Filtering Traffic to or from Online Backup Subnets
  • Applying a Filter on HTTP 404 Responses
  • Applying Filters to Locate a Set of Keywords in a Trace File
  • Investigating an ARP Cache
  • Adding a Column to Display Coloring Rules in Use
  • Building a Coloring Rule to Highlight FTP User Names, Passwords, and More
5

Working with Packet Captures

  • Exporting Malicious Redirection Packet Comments
  • Reading Analysis Notes in a Malicious Redirection Trace File
  • Splitting a File and Working with Filtered File Sets
  • Using Tshark to Extract HTTP GET Requests
  • Using Tshark to Capture File Sets with an Autostop Condition
