Cybersecurity
Network Forensics – Investigation and Traceability of Network Threats
5 day(s) • 35h
Description
Training objective: Develop the skills necessary to integrate network evidence into forensic investigations, reconstruct attacker actions, extract evidentiary elements from network captures (PCAP, NetFlow, proxy, SSL), analyze protocols, detect suspicious behaviors, and automate large-scale analysis.
Learning Objectives
- Collect, filter, and interpret network data for forensic purposes
- Reconstruct attacks from captures and network logs
- Extract files and identify suspicious behaviors from PCAP data
- Use NetFlow data to investigate over time
- Decrypt and analyze TLS exchanges within a legal framework
- Automate network analysis using open-source tools or scripts
- Conduct a comprehensive network investigation in hybrid environments
Target Audience
Forensic analysts, SOC engineers, Blue Team, CERT members
Cybersecurity consultants / incident response specialists
Technical investigators or network specialists
Prerequisites
Proficiency in network protocols (TCP/IP, DNS, HTTP, etc.).
Experience in operational security or network traffic analysis.
Basic knowledge of command-line interfaces (Linux, scripting).
Program Outline
Information
Duration
5 day(s)
35h
Price
3450 € excl. tax