Network Protocols in Security Operations

What you’ll learn and how you can apply it

• How to identify and address vulnerabilities within key network protocols such as TCP/IP, HTTP, and DNS, and how these vulnerabilities can impact overall network security
• Techniques for effectively monitoring and analyzing network traffic to detect anomalies and potential threats, leveraging tools and methods for protocol analysis.
• Best practices for securing network protocols and configuring security appliances firewalls and IDS/IPS systems to enhance network protection.
• How to use network protocols in incident detection and response, including investigative steps and strategies for managing protocol-based security incidents.

This live event is for you because...

• Entry-Level Professionals: This training provides foundational knowledge of network protocols and their crucial role in security operations, equipping newcomers with the essential skills to effectively understand, monitor, and secure network traffic.
• Mid-Level IT Professionals: For those with existing cybersecurity experience, the course offers an advanced understanding of network protocol vulnerabilities, monitoring techniques, and incident response strategies, enhancing their ability to manage and improve network security operations.
• Organizations: This training delivers critical insights into implementing and configuring security measures for network protocols, empowering those managing network infrastructure to better safeguard their environments and respond to security incidents effectively.
• SOC Analysts: This course is invaluable for Security Operations Center (SOC) analysts, providing a deep understanding of network protocols and their security implications. SOC analysts will gain advanced skills in monitoring network traffic, identifying protocol-based anomalies, and responding to security incidents, thereby enhancing their real-time threat detection and incident response capabilities.

Prerequisites

• Basic Understanding of Networking Fundamentals: While not mandatory, a basic grasp of networking concepts and terminology will help participants better understand the role of network protocols in security operations.
• Familiarity with Cybersecurity Concepts: Knowledge of fundamental cybersecurity principles, including common threats and vulnerabilities, will facilitate a deeper comprehension of how network protocols interact with security measures.
• IT or Security Background: Attendees with prior experience in information technology or cybersecurity will find the course more accessible. Familiarity with network infrastructure, security tools, and protocols will enhance their ability to apply the concepts discussed in the training.

Course Set-up

• A computer with internet access
• Access to a command-line interface (Terminal for Mac/Linux, Command Prompt or PowerShell for Windows)
• We will be using web-based interactive tools for simulating network environments and protocol behavior. Participants don't need to download anything in advance for these.

During the exercise, we'll use a combination of:

1. Command-line tools like ping, traceroute, and nslookup to demonstrate basic protocol behavior
2. Web-based network simulation tools (like packet tracer) for more complex scenarios
3. Guided walk throughs of protocol analysis using pre-prepared, safe examples

If participants want to prepare, they can familiarize themselves with basic command-line usage on their operating system. However, step-by-step instructions will be provided during the session.

Recommended Preparation

• Read: Networking Fundamentals by Gordon Davies
• Read: Network Security: Private Communications in a Public World, 3rd Edition By Charlie Kaufman, Radia Perlman, Mike Speciner, Ray Perlner

Recommended Follow-up

• Watch: TCP/IP Fundamentals by Michael J Shannon
• Attend: TCP/IP Fundamentals by Michael Shannon
• Read: Introduction to Computer Networks and Cybersecurity by Chwan-Hwa (John) Wu, J. David Irwin
• Read: The Cybersecurity Playbook by Allison Cerra