This module provides some conceptual and practical information on processes, tools, and considerations for analyzing captures of network traffic.
For your lab work, ensure you have access to both a Linux desktop environment with root, and a Windows desktop with Administrator. You will be showing your work to the professor throughout the semester, so you will need to be able to share your lab system screen, and the lab system you use will need to be clearly identified as your own (you should use your own name for the login, or at least something unique to you). No marks will be given for showing work on a lab system which is not your own.
At the end of this module, students will:
These objectives are in support of all Learning Outcomes in the Course Outline.
Watch the videos from the presentation, as well as the videos listed under additional resources. Briefly review the materials available at the other websites listed under Additional Resources. Do the Network Capture Analysis Project - this is your semester project.
The lab instructions tell you what parts of the lab activity are graded, and when you need to be capturing screenshots during the lab.
The quiz is found on Blackboard under Assignments and Tests.
There is no separate test for this topic. The quiz will count for your testing mark in this topic.
In this module, we worked with capturted network data to identify and extract artifacts of interest to a forensic investigation. You should have:
Completing the quiz will provide you with a measure of your knowledge in these areas. For the next class you should have your computing environment available with access to both Linux and Windows.