Professor: Ali Hadi
Class Description: An organization's network is always at risk of being compromised. Students will learn how to find threats and eliminate them by mastering the practical and theoretical aspects of traffic analysis and network forensics as they apply to enterprise investigations. Students will collect and analyze evidence from different network sources such as firewalls, routers, DNS & DHCP services, Host/Network IDS, and logs. Starting with basic network packet capture analysis and moving through detection of abnormal activity and covert communication channels to lateral movement, students will apply Threat Hunting to follow the footprints of a threat actor.
Credits: 3