Course Summary

Credit Type: Course
ACE ID: UMBC-0015
Organization's ID: TCCYB0010
Organization: UMBC Training Centers, LLC
Location: Classroom-based
Length: 32 hours
Dates Offered: 10/1/2020 - 9/30/2023; 1/1/2017 - 6/30/2020

Credit Recommendation & Competencies

Level: Lower-Division Baccalaureate
Credits (SH): 2
Subject: Network and Packet Analysis

Description

Objective: The course objective is to teach the student the fundamental concepts, methodologies, and tools necessary to analyze common network traffic.

Learning Outcomes: Explain sniffers and protocol analyzers; evaluate Datalink, Network, and Application layer protocols; use advanced filtering techniques to optimize data evaluation; analyze traffic to see how a program or application is communicating across the network; determine if a networked device is having its communication protocols compromised; use the command line interface tool tcpdump and the graphical user interface protocol analyzer Wireshark to capture and analyze network traffic; and examine and evaluate packet captures to identify various exploits, network reconnaissance techniques, and more advanced network attacks.

Upon completion of the course, the student will be able to:
• Describe TCP/IP and OSI layers
• Use the command line tool tcpdump and the protocol analyzer Wireshark to capture and analyze self-generated network traffic
• Evaluate pre-captured data streams
• Examine and evaluate actual packet captures

General Topics:
• Review of networking topics
• Client and server networking approach
• Examining the DoD and OSI networking models
• Identify how networking protocols encapsulate payloads
• Deconstruct protocol header information
• Research common networking protocols
• Using network sniffers and protocol analyzers
• tcpdump to evaluate datalink, network, and application layer protocols
• Apply advanced tcpdump filters to optimize data evaluation
• Use Wireshark and its display filters for data evaluation and communications flow
• Evaluating trace files for malicious behavior
• Identify clear text networking protocols

Instruction & Assessment

Instructional Strategies: Audio Visual Materials, Classroom Exercise, Computer Based Training, Lectures, Practical Exercises
Methods of Assessment: Examinations, Performance Rubrics (Checklists)
Minimum Passing Score: 70%