Traffic Analysis Case Studies
This course provides four demonstrations of analysis of network traffic from different malware types.
Course description
Different types of incident response investigations lend themselves to network-based analysis to different degrees. This course consists of a series of demonstrations where analysis of network traffic is used to infer information about different types of malware, including remote access Trojans (RATs), fileless malware, network worms and multi-stage infections.
Multi-Stage Malware Demo
Video - 00:23:00
Demonstration of analysis of a multi-stage malware infection based on a traffic capture.
Network Worm Demo
Video - 00:14:00
Demonstration of how a network worm looks in a traffic capture.
Fileless Malware Demo
Video - 00:16:00
Demonstration of the analysis of fileless malware using a traffic capture.
Remote Access Trojan (RAT) Demo
Video - 00:13:00
Demonstration of the analysis of a Remote Access Trojan's command-and-control traffic.
Associated NICE Work Roles
All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.
- All-Source Analyst
- Mission Assessment Specialist
- Target Developer