Course Description

Network forensics is a digital forensics branch that checks and analyses computer network traffic to gather evidence. As a network forensic investigator, you must be mindful of everything you handle or collect. We begin by familiarising you with definitions and terminologies used in digital investigations. You will learn concepts such as real, circumstantial, network-based digital evidence and many more. Next, examine the challenges you may encounter when gathering evidence as a network forensics examiner.

As you become acquainted with the network environment, you will review the methodologies, principles and sources of network-based evidence. You will also study the history and components of the internet protocol suite and the physical interceptions of networking. We will introduce network traffic acquisition tools and software like libpcap, WinPcap, tcpdump and Wireshark. Finally, explore the wireless environment and some key technology areas to pay attention to from a forensics point of view.

Network administrators cannot prevent attacks even if they implement all security measures. Therefore, the course will critically examine some network intrusion detection tools used to capture network traffic and create alerts from different kinds of attacks. You will also scrutinise network devices such as the storage media, switches, routers and firewalls where you can find information. Additionally, you will learn details about malware in general that forensic examiners should pay attention to. We have designed this course to take your network forensic investigative skills to the next level with practical examples and real-world scenarios. Register now!

What you'll learn in this course?

• Digital Forensics

• Technology

• Network Security

• Cybersecurity

• Computer Forensics