Learn Wireshark

(WRSHK.AJ1)/ISBN:978-1-64459-364-6


uCertify's course Learn Wireshark is a complete Wireshark tutorial that provides hands-on experience with Wireshark and thoroughly covers concepts such as traffic analysis, exploring the Wireshark interface, outlining the OSI model, and so on. This course is for network administrators, security analysts, students, teachers, and anyone interested in learning about packet analysis using Wireshark.

Lessons

17+ Lessons | 159+ Exercises | 80+ Quizzes | 110+ Flashcards | 110+ Glossary of terms

TestPrep

50+ Pre Assessment Questions | 50+ Post Assessment Questions

Hands-On Labs

22+ LiveLab | 22+ Video tutorials | 32+ Minutes

Video Lessons

20+ Videos | 01:57+ Hours

Here's what you will learn


Lesson 1: Preface

  • Who this course is for?
  • What does this course cover?
  • To get the most out of this course

Lesson 2: Appreciating Traffic Analysis

  • Reviewing packet analysis
  • Recognizing who benefits from using packet analysis
  • Identifying where to use packet analysis
  • Outlining when to use packet analysis
  • Getting to know Wireshark
  • Summary

Lesson 3: Using Wireshark NG

  • Discovering the beginnings of today's Wireshark
  • Examining the Wireshark interface
  • Understanding the phases of packet analysis
  • Using command-line tools
  • Summary

Lesson 4: Installing Wireshark on a PC or macOS

  • Discovering support for different OS
  • Comparing different capture engines
  • Performing a standard Windows installation
  • Reviewing the resources available at Wireshark.org
  • Summary

Lesson 5: Exploring the Wireshark Interface

  • Understanding the Wireshark welcome screen
  • Exploring the File menu
  • Discovering the Edit menu
  • Exploring the View menu
  • Summary

Lesson 6: Tapping into the Data Stream

  • Reviewing the network architecture
  • Learning various capture methods
  • Tapping into the stream
  • Realizing the importance of baselining
  • Summary

Lesson 7: Personalizing the Interface

  • Personalizing the layout and general appearance
  • Creating a tailored configuration profile
  • Adjusting columns, font, and colors
  • Adding comments
  • Modifying complex expressions
  • Summary

Lesson 8: Using Display and Capture Filters

  • Filtering network traffic
  • Comprehending display filters
  • Creating capture filters
  • Understanding the expression builder
  • Discovering shortcuts and handy filters
  • Summary

Lesson 9: Outlining the OSI Model

  • Comprehending the OSI model
  • Discovering the purpose, protocols, and PDUs
  • Exploring the encapsulation process
  • Demonstrating frame formation in Wireshark
  • Summary

Lesson 10: Decoding TCP and UDP

  • Reviewing the purpose of the transport layer
  • Describing TCP
  • Examining the eleven-field TCP header
  • Understanding UDP
  • Discovering the four-field UDP header
  • Summary

Lesson 11: Managing TCP Connections

  • Dissecting the three-way handshake
  • Learning TCP options
  • Understanding TCP protocol preferences
  • Tearing down a connection
  • Summary

Lesson 12: Analyzing IPv4 and IPv6

  • Understanding the purpose of the IP
  • Outlining IPv4
  • Exploring IPv6
  • Editing protocol preferences
  • Discovering tunneling protocols
  • Summary

Lesson 13: Discovering ICMP

  • Understanding the purpose of ICMP
  • Dissecting ICMPv4 and ICMPv6
  • Sending ICMP messages
  • Evaluating type and code values
  • Configuring firewall rules
  • Summary

Lesson 14: Understanding ARP

  • Understanding the role and purpose of ARP
  • Exploring ARP headers and fields
  • Examining different types of ARP
  • Analyzing ARP attacks
  • Summary

Lesson 15: Troubleshooting Latency Issues

  • Analyzing latency issues
  • Understanding the coloring rules
  • Exploring the Intelligent Scrollbar
  • Discovering the expert system
  • Summary

Lesson 16: Subsetting, Saving, and Exporting Captures

  • Discovering ways to subset traffic
  • Understanding options to save a file
  • Recognizing ways to export components
  • Identifying why and how to add comments
  • Summary

Lesson 17: Using CloudShark for Packet Analysis

  • Diving into an overview of CS
  • Sharing captures in CS
  • Outlining the various filters and graphs
  • Evaluating the different analysis tools
  • Discovering where to find sample captures
  • Summary

Hands-on LAB Activities

Using Wireshark NG

  • Splitting a File and Work with Filtered File Sets
  • Using Tshark to Extract HTTP GET Requests
  • Using Tshark to Capture File Sets with an Autostop Condition

Exploring the Wireshark Interface

  • Capturing and Classifying Background Traffic
  • Opening a Network Monitor .cap File

Tapping into the Data Stream

  • Capturing File Sets
  • Using a Ring Buffer to Conserve Drive Space

Personalizing the Interface

  • Adding a Column to Display Coloring Rules in Use
  • Adding the HTTP Host Field as a Column

Using Display and Capture Filters

  • Using a Default Filter as a Seed for a New Filter
  • Creating, Saving, and Applying a DNS Capture Filter
  • Applying Filters to Locate a Set of Keywords in a Trace File
  • Exporting a Single TCP Conversation
  • Applying Filter on HTTP 404 Responses
  • Filtering Traffic to or from Online Backup Subnets
  • Filtering HTTP Traffic the Right Way

Decoding TCP and UDP

  • Locating TCP Connection Attempts to a Client

Managing TCP Connections

  • Using Packets to Build a Picture of a Network

Understanding ARP

  • Investigating an ARP Cache

Troubleshooting Latency Issues

  • Building a Coloring Rule to Highlight FTP User Names, Passwords, and More

Subsetting, Saving, and Exporting Captures

  • Exporting Malicious Redirection Packet Comments
  • Reading Analysis Notes in a Malicious Redirection Trace File