Enumerating the Network Infrastructure as a Forensics Analyst from Pluralsight

This course will teach you how to apply your theoretical knowledge of networking to both real time and post incident forensic analysis of network based data.

Cyber crimes are a continual threat to any network, and having a strategy to prevent, protect and pursue is increasingly important. In this course, Enumerating the Network Infrastructure as a Forensics Analyst, you’ll learn how to apply the theoretical knowledge of TCP/IP and network-based protocols and devices to assist in the collection, analysis, and dissemination of network-based material and evidence as part of a forensic investigation. First, you’ll explore the key elements of TCP/IP and how they apply within the world of forensic investigation. Next, you’ll discover how your knowledge of physical and logical networking can assist you in finding material quickly and efficiently. Finally, you’ll learn how to analyze network-based data and material to draw confident conclusions to events and incidents which may have occurred. When you’re finished with this course, you’ll have the skills and knowledge of enumerating the network infrastructure needed to collect, collate, and forensically analyze material from a wide range of sources which will assist you in producing evidential reports, fast time support to interview and supporting ongoing investigation.

Network forensics is the investigation of network traffic patterns and data captured in transit between computing devices. Network forensics can provide insight into the source and extent of an attack. It also can supplement investigations focused on information left behind on computer hard drives following an attack.

You should be familiar with the basic concepts of the OSI and TCP/IP models and some of the key networking protocols and devices in use on a modern network and be involved or interested in first response, incident handling, and digital forensics.

A network protocol is an established set of rules that determine how data is transmitted between different devices in the same network. Essentially, it allows connected devices to communicate with each other, regardless of any differences in their internal processes, structure or design. The network device is one kind of device used to connect devices or computers together to transfer resources or files like fax machines or printers. Examples of network devices include switch, hub, bridge, router, gateway, modem, repeater & access point.

The Internet works by using a protocol called TCP/IP, or Transmission Control Protocol/Internet Protocol. TCP/IP is the underlying communication language of the Internet. In base terms, TCP/IP allows one computer to talk to another computer via the Internet through compiling packets of data and sending them to right location.

A digital forensic investigator backtracks the footprints of the lawbreaker to extract digital artifacts. These pieces of evidence then help in retrieving useful data to support the legal proceedings. Usually, digital artifacts consist of computer files, hard drives, emails, images, and other storage devices.

What's inside

Syllabus

Course Overview

Applying Physical Networking Concepts to a Forensic Investigation

Defining Key Network Protocols for Supporting an Investigation

Securing the Infrastructure

Comparing Workgroups and Domains and How They Can Affect an Investigation

Understanding Wireless Networks

Good to know

Know what's good

, what to watch for

, and possible dealbreakers

Develops foundational knowledge of TCP/IP and networking, which are essential for network security professionals

Examines network forensic techniques, which are crucial for analyzing and responding to cybersecurity threats

Taught by industry expert Phil Chapman, who has extensive experience in network forensics

Applies theoretical concepts to real-world forensic investigations, providing practical experience

Prerequisite knowledge is assumed, which may limit accessibility for beginners

Focuses on network forensics, which may not be relevant to all cybersecurity professionals

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Enumerating the Network Infrastructure as a Forensics Analyst with these activities:

Review OSI and TCP/IP models

Show steps

Strengthen your understanding of the OSI and TCP/IP models, which are fundamental to network forensics investigations.

Browse courses on OSI Model

Show steps

Read articles, tutorials, or book chapters on the OSI and TCP/IP models.
Review diagrams and explanations of the different layers and protocols.
Practice identifying the layers and protocols involved in various network scenarios.

Read 'TCP/IP Illustrated, Volume 1: The Protocols'

Show steps

Build a strong foundation in network protocols and improve your understanding of TCP/IP.

View TCP/IP Illustrated, Volume 3 on Amazon

Show steps

Read each chapter thoroughly.
Take notes and highlight important concepts.
Complete the practice exercises at the end of each chapter.

Join a study group or online forum

Show steps

Engage with peers, share knowledge, and clarify concepts to reinforce your understanding of the course material.

Show steps

Identify relevant study groups or online forums focused on network forensics.
Join the group and actively participate in discussions.
Ask questions, share insights, and collaborate on projects.

Four other activities

Expand to see all activities and additional details

Show all seven activities

Build a home network

Show steps

Gain hands-on experience in setting up and managing a network, enhancing your understanding of network concepts.

Browse courses on Network Infrastructure

Show steps

Gather necessary hardware and software.
Design the network topology.
Configure the network devices.
Test the network connectivity.
Troubleshoot any issues.

Follow tutorials on network forensics tools

Show steps

Enhance your knowledge and skills in using network forensics tools to analyze and investigate network-based incidents.

Browse courses on Network Forensics

Show steps

Identify reputable online resources or platforms offering network forensics tutorials.
Select tutorials that align with your learning objectives and skill level.
Follow the step-by-step instructions and practice using the tools.
Experiment with different scenarios and data sets to deepen your understanding.

Write a report on a network forensics investigation

Show steps

Apply your knowledge and skills in network forensics to conduct a thorough investigation and document your findings.

Browse courses on Network Forensics

Show steps

Select a realistic scenario or data set.
Conduct a comprehensive network forensics investigation.
Analyze and interpret the collected data.
Prepare a detailed report that outlines your findings and conclusions.

Contribute to open-source network forensics projects

Show steps

Gain hands-on experience and contribute to the development of network forensics tools and techniques.

Browse courses on Network Forensics

Show steps

Identify open-source network forensics projects that align with your interests.
Join the project community and learn about their goals and needs.
Contribute code, documentation, or other resources to the project.
Collaborate with other contributors and learn from their expertise.

Career center

Learners who complete Enumerating the Network Infrastructure as a Forensics Analyst will develop knowledge and skills that may be useful to these careers:

Network Security Analyst

Network Security Analysts are responsible for protecting an organization's network from unauthorized access and cyberattacks. This course will help you to develop the skills and knowledge necessary to secure network infrastructure and protect against cyber threats. You'll learn about network security protocols, devices, and technologies, as well as how to identify and respond to security breaches.

See salaries and explore the career path for Network Security Analyst

Digital Forensic Investigator

Digital forensic investigators are responsible for the analysis, preservation, and presentation of digital evidence for use in criminal trials. This course will help you to develop the skills and knowledge necessary to identify, collect, and analyze digital evidence from network traffic, which will be useful in your work as a Digital Forensic Investigator. You'll learn how to use network analysis tools to investigate network intrusions, identify malicious activity, and track down the perpetrators of cybercrimes.

See salaries and explore the career path for Digital Forensic Investigator

Cybersecurity Analyst

Cybersecurity Analysts are responsible for protecting an organization's computer systems and networks from unauthorized access, cyberattacks, and other security threats. This course will help you to develop the skills and knowledge necessary to analyze network traffic and identify malicious activity. You'll learn about network security protocols, devices, and technologies, as well as how to investigate and respond to cybersecurity incidents.

See salaries and explore the career path for Cybersecurity Analyst

Forensic Network Analyst

Forensic network analysts investigate network traffic to identify and analyze evidence of cybercrimes. This course will help you develop the skills and knowledge necessary to collect, analyze, and present network-based evidence. You'll learn about network security protocols, devices, and technologies, as well as how to use network analysis tools to investigate cybercrimes.

See salaries and explore the career path for Forensic Network Analyst

Security Engineer

Security Engineers are responsible for designing, deploying, and maintaining security measures to protect an organization's networks and data from unauthorized access and cyberattacks. This course will help you to develop the skills and knowledge necessary to secure network infrastructure and protect against cyber threats. You'll learn about network security protocols, devices, and technologies, as well as how to design and implement security measures.

See salaries and explore the career path for Security Engineer

Incident Responder

Incident Responders are responsible for responding to and mitigating security incidents, such as cyberattacks and data breaches. This course will help you to develop the skills and knowledge necessary to investigate and respond to network security incidents. You'll learn about network security protocols, devices, and technologies, as well as how to conduct incident investigations and develop incident response plans.

See salaries and explore the career path for Incident Responder

Security Consultant

Security Consultants provide advice and guidance to organizations on how to improve their security posture. This course will help you to develop the skills and knowledge necessary to assess network security risks and make recommendations for security improvements. You'll learn about network security protocols, devices, and technologies, as well as how to conduct security assessments and develop security plans.

See salaries and explore the career path for Security Consultant

IT Auditor

IT Auditors are responsible for evaluating an organization's IT systems and controls to ensure that they are operating in accordance with the organization's policies and procedures. This course will help you to develop the skills and knowledge necessary to audit network infrastructure and identify security vulnerabilities. You'll learn about network security protocols, devices, and technologies, as well as how to conduct IT audits and assess the effectiveness of IT controls.

See salaries and explore the career path for IT Auditor

Systems Administrator

Systems Administrators are responsible for managing and maintaining an organization's computer systems and networks. This course will help you develop the skills and knowledge necessary to manage network devices, configure network protocols, and troubleshoot network problems. You'll learn about network security protocols, devices, and technologies, as well as how to manage and maintain computer systems and networks.

See salaries and explore the career path for Systems Administrator

Network Administrator

Network Administrators are responsible for managing and maintaining an organization's network infrastructure. This course will help you develop the skills and knowledge necessary to manage network devices, configure network protocols, and troubleshoot network problems. You'll learn about network security protocols, devices, and technologies, as well as how to manage and maintain network infrastructure.

See salaries and explore the career path for Network Administrator

Penetration Tester

Penetration Testers assess the security of networks and systems by simulating cyberattacks. This course will help you develop the skills and knowledge necessary to conduct penetration tests and identify security vulnerabilities. You'll learn about network security protocols, devices, and technologies, as well as how to use penetration testing tools to assess the security of networks and systems.

See salaries and explore the career path for Penetration Tester

Information Security Analyst

Information Security Analysts are responsible for protecting an organization's information assets from unauthorized access, use, disclosure, disruption, modification, or destruction. This course will help you to develop the skills and knowledge necessary to analyze network traffic and identify malicious activity. You'll learn about network security protocols, devices, and technologies, as well as how to investigate and respond to security incidents.

See salaries and explore the career path for Information Security Analyst

Business Analyst

Business Analysts help organizations improve their business processes and performance. This course will help you develop the skills and knowledge necessary to analyze network traffic and identify opportunities for improvement. You'll learn about network security protocols, devices, and technologies, as well as how to use business analysis tools to identify and solve business problems.

See salaries and explore the career path for Business Analyst

Software Engineer

Software Engineers design, develop, and maintain software applications. This course will help you develop the skills and knowledge necessary to design and develop secure software applications. You'll learn about network security protocols, devices, and technologies, as well as how to implement security measures in software applications.

See salaries and explore the career path for Software Engineer

Data Scientist

Data Scientists use data to solve problems and make predictions. This course will help you develop the skills and knowledge necessary to collect, analyze, and interpret data from network traffic. You'll learn about network security protocols, devices, and technologies, as well as how to use data analysis tools to identify trends and patterns in network traffic.

See salaries and explore the career path for Data Scientist