FOR231 - Internet Design and Protocols

How is data transmitted from one machine to another over the Internet? What network protocols are used by the Internet? How do you capture network traffic? What information is recorded by a user’s Internet Service Provider? How do you trace the origin of a Distributed Denial of Service Attack? This course will answer these questions and more, and provide the forensic investigator with the knowledge necessary to gather information about a suspect’s use of the internet. The student will learn how to capture network traces and trace the route through the Internet that packets followed. 

Level: Intermediate
Audience:

Cyber forensics investigators

Topics:
  • Fundamental concepts

    • Communications
    • OSI network stack
    • Internet protocol suite
  • Network analysis tools and software

    • Message Analyzer
    • WireShark
    • Protocol analyzers
  • Physical layer

    • Signaling
    • Network topologies
    • Cabling types
    • Ethernet
  • Datalink layer

    • IEEE 802
    • Ethernet and IEEE 802.3 frames
    • Logical link control
    • Media access control
  • Network layer

    • Description
    • Internet Protocol v4 (IPv4)
    • Network Address Translation (NAT)
    • Routing
    • Address Resolution Protocol (ARP)
    • Internet Control Message Protocol (ICMP)
    • Routing protocols
    • Internet Protocol v6 (IPv6)
  • Transport layer

    • Description
    • Transport Control Protocol (TCP)
    • User Datagram Protocol (UDP)
  • Support protocols

    • Domain Name System (DNS)
    • Dynamic Host Control Protocol v4 (DHCPv4)
    • Dynamic Host Control Protocol v6 (DHCPv6)
    • Transport Layer Security/Secure Sockets Layer (TLS/SSL)
  • Application layer

    • Hypertext Transfer Protocol (HTTP)
    • File Transfer Protocol (FTP)
    • Simple Mail Transfer Protocol (SMTP)
    • Post Office Protocol (POP)
  • Microsoft Exchange Server Protocol
Operating systems supported:

All Windows versions

Durations and formats: 5 days with labs