Overview

CybrScore’s Parse Files Out of Network Traffic is a Cybrary lab intended for intermediate-level students. The lab teaches students how to use the network traffic analysis tools Wireshark and Network Miner to analyze network traffic, identify potential file transfers, and extract files. Wireshark is a commonly used open source network protocol analyzer that can be used in both static and dynamic analysis and offers numerous features, including network troubleshooting, protocol development, and packet analysis. Network Miner is an open source network forensic analysis tool that can parse pcap files as well as perform live network traffic sniffing. Network Miner can be used to determine operating systems, sessions, hostnames, and open ports, and can automatically recognize and extract plain text data, images, files, credentials, and DNS information.

In the Parse Files Out of Network Traffic lab students will learn how to establish a remote connection using a virtual machine, then use Wireshark to begin a network packet capture to analyze network traffic. The students will then use the Wireshark network packet capture to identify potential file transfers across the network. Students will also learn how to use Network Miner to review a packet capture for information about a file transfer. CybrScore’s Parse Files Out of Network Traffic lab takes approximately 1 hour to complete.

In CybrScore’s Parse Files Out of Network Traffic lab, students will learn about using protocol analyzers. This skill is a key part of the Cyber Defense Analyst work role and builds to the ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.

In CybrScore’s Parse Files Out of Network Traffic lab, students will learn about analyzing network traffic. This skill is a key part of the Cyber Defense Analyst work role and builds to the ability to analyze events that occur in a network environment to mitigate threats.

In CybrScore’s Parse Files Out of Network Traffic lab, students will learn about reviewing a packet capture to extract important information. This skill is a key part of the Cyber Defense Analyst work role and builds to the ability to interpret the information collected by network tools.

CybrScore’s Parse Files Out of Network Traffic lab is part of the Cyber Defense Analyst career path. Completion of the Parse Files Out of Network Traffic lab means that the student has demonstrated the ability to use protocol analyzers, analyze network traffic, and review a packet capture to extract important information, and has learned how to identify file transfers on the network.