Network Forensics and Threat Hunting
An organization's network is always at risk of being compromised. Students will learn how to find threats and eliminate them by mastering the practical and theoretical aspects of traffic analysis and network forensics as they apply to enterprise investigations. Students will collect and analyze evidence from different network sources such as firewalls, routers, DNS & DHCP services, Host/Network IDS, and logs. Starting with basic network packet capture analysis and progressing through detection of abnormal activity and covert communication channels to lateral movement, students will apply Threat Hunting to follow the footprints of a threat actor.
Prerequisite: Complete FOR-340 or SEC-350 with a C or better.