Class Details

Basic Network Analysis 101 Price: $3,750

Training promotions may be available; contact a training consultant at 240-667-7507 for more information!

This course examines the TCP/IP protocol suite at the lowest level and prepares the student to analyze network communications. The course focuses on the main protocols, including DHCP and others. The student will learn how to identify different components of network communications and determine whether the communications are normal or abnormal. The student will be introduced to the hacking methodology, and the course will conclude with a challenge for the student to deploy the concepts from the class and create their own network analysis cyber range.

Basic Network Analysis 101 Course Includes:

  • Class exercises in addition to training instruction
  • Courseware books, notepads, pens, highlighters and other materials
  • Course retake option
  • Full breakfast with variety of bagels, fruits, yogurt, doughnuts and juice
  • Tea, coffee, and soda available throughout the day
  • Freshly baked cookies every afternoon - *only at participating locations

Course Outline

Building a Cyber Range 

  • Introduction
  • Selecting the software
  • Commercial
  • Open Source
  • Designing the network
  • Single segment
  • Multiple segments
  • Building the network switches
  • Different types of switches
  • Default IP assignments
  • Adding machines
  • Connecting
  • Configuring
  • Testing

LAB: Designing a Cyber Range

Introduction to TCP/IP 

  • History of TCP/IP
  • RFCs
  • Terminology
  • OS built-in tools 

LAB: TCP/IP OS Tools 

TCP/IP Protocol Suite 

  • Network layer
  • Internet layer
  • Transport Layer
  • Application Layer 

LAB: TCP/IP Layers 

  • ARP
  • Fragmentation and Reassembly 

LAB: Fragmentation and Reassembly

  • ICMP
  • IPv6
  • Network discovery
  • Router discovery 

LAB: Discovery 

  • TCP
  • 3-way handshake
  • UDP 

LAB: TCP and UDP 

  • Packet multiplexing and demultiplexing
  • Sockets
  • NetBIOS
  • Remote Procedure Calls
  • Host naming 

 LAB: Sockets 

IP Addressing 

  • IPv4
  • Types of addresses
  • IPv4 unicast
  • IPv4 multicast
  • IPv4 broadcast
  • IPv6
  • Types of addresses
  • IPv6 unicast
  • Special IPv6 addresses
  • IPv6 multicast
  • IPv6 anycast
  • IPv4 and IPv6 addressing comparison

LAB: IP Addressing

 Subnetting 

  • IPv4
  • Notations
  • Prefix length
  • Octet subnetting
  • Variable length subnetting
  • IPv6 subnetting 

LAB: Subnetting

 IP Routing 

  • Overview
  • Direct and indirect
  • Routing table
  • Static and dynamic routing
  • Routing protocols
  • Integrating static and dynamic routing
  • RIP
  • OSPF
  • BGP 

 LAB: IP Routing        

Dynamic Host Configuration Protocol 

  • Overview
  • Benefits
  • How it works
  • Messages 

LAB: DHCP

  • DHCP on Windows
  • DHCP on Linux
  • Scopes
  • Reservations
  • OS tools and DHCP 

LAB: Configuring and testing DHCP

Host Name Resolution 

  • TCP/IP naming schemes
  • Host resolution on Windows
  • Host resolution on Linux
  • Hosts files
  • IPv4 entries
  • IPv6 entries
  • Client resolver cache
  • /etc/resolv.conf 

LAB: Naming resolution 

Domain Name System 

  • DNS components
  • DNS names
  • Domains and subdomains
  • Zones 

LAB: DNS components 

  • Recursive queries
  • Caching and TTL
  • Negative caching
  • Roles
  • Forwarders
  • Resource records
  • Zone transfers
  • DNS dynamic updates
  • Windows DNS
  • Linux DNS 

LAB: DNS configuration  

Introduction to Sessions 

  • Host
  • Router
  • Traffic examples
  • Network configuration
  • Web clients
  • DNS Server
  • Web Server 

 LAB: Sessions Intro

  • Web traffic
  • DNS queries and responses
  • Additional records
  • Get and Post
  • Head
  • Form logins 

LAB: Web Sessions 

  • IPv6 delivery
  • IPv6 traffic
  • Network configuration 

LAB: IPv6 Sessions 

IPsec and Packet Filtering 

  • Modes of IPsec
  • Transport
  • Tunnel
  • Key exchange
  • Policies  

LAB: IPsec 

  • Types of packet filtering
  • Stateless
  • Stateful
  • Application Proxy
  • Next Generation 

LAB: Stateless and Stateful packet filtering 

  • Windows firewall
  • Linux iptables
  • FreeBSD pfSense

LAB: Firewall configuration and deployment 

Virtual Private Network (VPN) 

  • Components
  • VPN connections
  • Encapsulation
  • Encryption
  • Remote access
  • Site to Site
  • Protocols
  • Remote Access Connections
  • Addressing and Routing
  • Configuring
  • Network access authentication 

LAB: VPN 

IPv6 Technologies and Transitions 

  • Dual stack
  • Dual IP layer
  • Tunnels
  • 6 to 4 support
  • Migrating to IPv6 

LAB: IPv6 Technologies  

  • Troubleshooting TCP/IP
  • Problem Identification
  • Troubleshooting tools
  • Verifying connectivity
  • Analyzing packets for hints
  • Reachability tests
  • Name resolutions and addressing
  • Caching and flushing
  • Testing names with ping and nslookup
  • NetBIOS name cache and Windows
  • Check for filtering
  • Session establishment verification 

 LAB: Troubleshooting  

Introduction to Hacking 

  • Abstract methodology
  • Scanning Methodology
  • Vulnerability discovery and analysis
  • Leveraging vulnerabilities 

LAB: Scanning Methodology 

  • Exploit identification
  • Post exploitation 

LAB: Exploitation and Post Exploitation

  • Hacking methodology analysis
  • Exploitation at the packet level
  • Threat classification basics 

LAB: Threat classification and analysis 

Hacking Analysis Methodology 

  • Reviewing the packet capture
  • Live systems and discovery method
  • Open ports
  • Data
  • Sessions
  • Signs of compromise 

LAB: Hacking Methodology Analysis 

Web Application Hacking 

  • Traversal
  • Cross Site Scripting (XSS)
  • HTML injection
  • SQL Injection
  • Remote File Include
  • Parameter Tampering
  • Obfuscation 

LAB: Web Application Hacking Analysis 

Components of Sophisticated Attacks 

  • Encoding and encryption
  • Encapsulation and web 2.0
  • SOAP
  • REST
  • XML
  • Evasion methods 

LAB: Sophisticated Attack Analysis 

Attack Analysis Workshop 

  • Identifying attacks
  • Recognizing evasion methods
  • Determining the exploit tool
  • Using Statistics 

Range Deployment Challenge

 

Objectives

Basic Network Analysis 101 Course Objectives: 

  • Analyze network communications
  • Identify different components of network communications
  • Determine if communications are normal or abnormal
  • Create their own network analysis cyber range