From the course: CCNA Cybersecurity (200-201) v1.2 Cert Prep


Module 4: Network traffic analysis and interpretation


(bright music) - [Narrator] In this module, we're diving into network traffic analysis and interpretation. And by analyzing traffic flowing through our network, we not only can better spot active intrusions, but it can also help us to verify our defenses such as our firewalls, our IDS, and our IPS sensors. It can help make sure that they're working as expected. And also in this module, we're going to check out DPI, or deep packet inspection. We'll compare NetFlow summaries of traffic with full packet captures and talk about when we should use each one, and we'll examine what's going on with the various fields in our protocol headers. And we'll also see how regular expressions, or regex, can be used to zero in on suspicious patterns within a very large traffic log. We're going to be doing some demos with Wireshark as well. We'll begin by capturing a Telnet session and seeing if we can find the password inside of that captured traffic, because, after all, Telnet is in clear text. Then…
