Network Forensics
The intent of the Network Forensics Knowledge Unit is to provide students with the ability apply forensics techniques to investigate and analyze network traffic.
Topics
- Intrusion Detection and Prevention
- Packet Capture and Analysis (Wifi, LAN)
- Interlacing of device and network forensics
- Log-file Analysis
Outcomes
- Describe the methodologies used in network forensics.
- Analyze and decipher network traffic, identify anomalous or malicious activity, and provide a summary of the effects on the system.
- Packet Capture and Analysis (Wifi, LAN)
- Intrusion Detection and Prevention
- Interlacing of device and network forensics
- Log-file Analysis
- Forensic Imaging and Analysis
KSA-T
Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
Learn More about the KAS-T's.
| ID |
DESCRIPTION |
| K0046 |
Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions. |
| K0062 |
Knowledge of packet-level analysis. |
| K0310 |
Knowledge of hacking methodologies. |
| K0145 |
Knowledge of security event correlation tools. |
| ID |
DESCRIPTION |
| S0156 |
Skill in performing packet-level analysis. |
| S0199 |
Skill in creating and extracting important information from packet captures. |
| S0173 |
Skill in using security event correlation tools. |
| ID |
DESCRIPTION |
| A0128 |
Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies. |
