Join Online Computer Courses & Hands-On Labs

Learn Wireshark

(UOP-CYB227.AJ1)

Lessons

Lab

TestPrep

Get A Free Trial

This course includes:

Free pre-assessment and first 2 lessons

5+ Interactive Lessons | 169+ Exercises

20+ Videos | 01:57+ Hours

Accessible on mobile and tablet too

Certificate of completion

Are you an instructor?

Access detailed information about the course content, learning objectives, activities, and assessments before adding it to your curriculum.

Lesson Plan

Traffic Capture Overview

Reviewing packet analysis
Recognizing who benefits from using packet analysis
Identifying where to use packet analysis
Outlining when to use packet analysis
Getting to know Wireshark
Discovering the beginnings of today's Wireshark
Examining the Wireshark interface
Understanding the phases of packet analysis
Using command-line tools
Discovering support for different OS
Comparing different capture engines
Performing a standard Windows installation
Reviewing the resources available at Wireshark.org
Understanding the Wireshark welcome screen
Exploring the File menu
Discovering the Edit menu
Exploring the View menu

Getting Started with Wireshark

Reviewing the network architecture
Learning various capture methods
Tapping into the stream
Realizing the importance of baselining
Personalizing the layout and general appearance
Creating a tailored configuration profile
Adjusting columns, font, and colors
Adding comments
Modifying complex expressions
Filtering network traffic
Comprehending display filters
Creating capture filters
Understanding the expression builder
Discovering shortcuts and handy filters
Comprehending the OSI model
Discovering the purpose, protocols, and PDUs
Exploring the encapsulation process
Demonstrating frame formation in Wireshark

The Internet Suite TCP/IP Part I: Decoding, Managing and Analyzing

Reviewing the purpose of the transport layer
Describing TCP
Examining the eleven-field TCP header
Understanding UDP
Discovering the four-field UDP header
Dissecting the three-way handshake
Learning TCP options
Understanding TCP protocol preferences
Tearing down a connection

The Internet Suite TCP/IP Part II: Exploring, Discovering and Understanding

Understanding the purpose of the IP
Outlining IPv4
Exploring IPv6
Editing protocol preferences
Discovering tunneling protocols
Understanding the purpose of ICMP
Dissecting ICMPv4 and ICMPv6
Sending ICMP messages
Evaluating type and code values
Configuring firewall rules
Understanding the role and purpose of ARP
Exploring ARP headers and fields
Examining different types of ARP
Analyzing ARP attacks

Working with Packet Captures

Analyzing latency issues
Understanding the coloring rules
Exploring the Intelligent Scrollbar
Discovering the expert system
Discovering ways to subset traffic
Understanding options to save a file
Recognizing ways to export components
Identifying why and how to add comments
Diving into an overview of CS
Sharing captures in CS
Outlining the various filters and graphs
Evaluating the different analysis tools
Discovering where to find sample captures

Hands-on LAB Activities

Traffic Capture Overview

Using Packets to Build a Picture of a Network
Capturing and Classifying Background Traffic
Opening a Network Monitor .cap File

Getting Started with Wireshark

Capturing File Sets
Using a Ring Buffer to Conserve Drive Space
Adding the HTTP Host Field as a Column
Creating, Saving, and Applying a DNS Capture Filter

The Internet Suite TCP/IP Part I: Decoding, Managing and Analyzing

Using a Default Filter as a Seed for a New Filter
Locating TCP Connection Attempts to a Client
Exporting a Single TCP Conversation

The Internet Suite TCP/IP Part II: Exploring, Discovering and Understanding

Filtering HTTP Traffic the Right Way
Filtering Traffic to or from Online Backup Subnets
Applying Filter on HTTP 404 Responses
Applying Filters to Locate a Set of Keywords in a Trace File
Investigating an arp Cache
Adding a Column to Display Coloring Rules in Use
Building a Coloring Rule to Highlight FTP User Names, Passwords, and More

Working with Packet Captures

Exporting Malicious Redirection Packet Comments
Reading Analysis Notes in a Malicious Redirection Trace File
Splitting a File and Work with Filtered File Sets
Using Tshark to Extract HTTP GET Requests
Using Tshark to Capture File Sets with an Autostop Condition

Lessons Lab TestPrep AI Tutor

CompTIA A+ (220-1001)

ISBN: 9781644590768
220-1001

Lessons Lab TestPrep

Comprehensive Computer Technician (CompTIA A+ 1001/1002)

ISBN: 9781644590423
220-1001-220-1002

Lessons Lab TestPrep

CompTIA A+ (220-1002)

ISBN: 9781644590775
220-1002

Lessons Lab TestPrep AI Tutor

Complete A+ Guide to IT Hardware and Software (1101/1102)

ISBN: 9781644593844
220-1101-1102-SCH.AB1

Lessons Lab TestPrep AI Tutor Instructor-Led

CompTIA A+ Core 1 (220-1101) and Core 2 (220-1102)

ISBN: 9781644593967
220-1101-1102.AB1

Lessons Lab TestPrep AI Tutor Instructor-Led

CompTIA A+ (220-1101 & 220-1102)

ISBN: 9781644595282
220-1101-1102.AE2

Lessons Lab TestPrep AI Tutor Instructor-Led

CompTIA A+ (220-1102)

ISBN: 9781644595329
220-1102.AE2

Learn Wireshark

Are you an instructor?

Learn Wireshark

Skills You’ll Get

Interactive Lessons

Gamified TestPrep

Hands-On Labs

Video Lessons

Traffic Capture Overview

Getting Started with Wireshark

The Internet Suite TCP/IP Part I: Decoding, Managing and Analyzing

The Internet Suite TCP/IP Part II: Exploring, Discovering and Understanding

Working with Packet Captures

Traffic Capture Overview

Getting Started with Wireshark

The Internet Suite TCP/IP Part I: Decoding, Managing and Analyzing

The Internet Suite TCP/IP Part II: Exploring, Discovering and Understanding

Working with Packet Captures

Related Courses

CompTIA A+ (220-1001)

Comprehensive Computer Technician (CompTIA A+ 1001/1002)

CompTIA A+ (220-1002)

Complete A+ Guide to IT Hardware and Software (1101/1102)

CompTIA A+ Core 1 (220-1101) and Core 2 (220-1102)

CompTIA A+ (220-1101 & 220-1102)

CompTIA A+ (220-1102)