Network forensics is used to find legal evidence in network devices. In this course, Jungwoo Ryoo covers all of the major concepts and tools in this growing technical field. Jungwoo begins by reviewing the basics: the goals of network forensics, a network forensic investigator’s typical toolset, and the legal implications of this type of work. Then, he shows how to prepare for an investigation; acquire network logs and investigate network events; collect and investigate network traffic; and leverage various network forensics tools, such as Wireshark, Splunk, and tcpdump. Along the way, he uses a combination of open-source and commercial software, so you can uncover the information you need with tools that are in your budget.
LinkedIn Learning
via LinkedIn
Paid, free trial available
English
Certificate of Completion
2h 15m
Self paced
Intermediate