Course
Traffic Analysis Case Studies
This course provides four demonstrations of analysis of network traffic from different malware types.
Course description
Different types of incident response investigations lend themselves to network-based analysis to different degrees. This course consists of a series of demonstrations where analysis of network traffic is used to infer information about different types of malware, including remote access Trojans (RATs), fileless malware, network worms and multi-stage infections.
Syllabus
Multi-Stage Malware Demo
Video - 00:23:00
Demonstration of analysis of a multi-stage malware infection based on a traffic capture.
Network Worm Demo
Video - 00:14:00
Demonstration of how a network worm looks in a traffic capture.
Fileless Malware Demo
Video - 00:16:00
Demonstration of the analysis of fileless malware using a traffic capture.
Remote Access Trojan (RAT) Demo
Video - 00:13:00
Demonstration of the analysis of a Remote Access Trojan's command-and-control traffic.
Unlock 7 days of free training
- 1,400+ hands-on courses and labs
- Certification practice exams
- Skill assessments
Associated NICE Work Roles
All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.
- All-Source Analyst
- Mission Assessment Specialist
- Target Developer
Plans & pricing
Infosec Skills Personal
$299 / year
- 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Custom certification practice exams (e.g., CISSP, Security+)
- Skill assessments
- Infosec peer community support
Infosec Skills Teams
$799 per license / year
- Team administration and reporting
- Dedicated client success manager
-
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
-
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps
Award-winning training you can trust




