From the course: CompTIA Advanced Security Practitioner (CASP+) (CAS-004) Cert Prep
Join today to access over 24,900 courses taught by industry experts.
PCAP files
From the course: CompTIA Advanced Security Practitioner (CASP+) (CAS-004) Cert Prep
PCAP files
- In this lesson, we're going to discuss packet captures. Now a packet capture file, or PCAP file, is a data file that contains all the live network packet data from layers two through seven of the OSI model. This file can then be analyzed using a packet analyzer like Wireshark in order to reconstruct the different network communications that occurred to and from a given endpoint. As a cybersecurity practitioner, you need to know how to collect and analyze information in a packet capture file. To do this, you're going to first capture the network traffic and its data frames. To help you with this, you're going to use a switch port analyzer or a SPAN port. Now this is sometimes also called a mirror port. A SPAN port or a mirror port is going to allow for copying of ingress and egress communications from one or more switch ports to another. Essentially, it's going to make a copy of everything going in or out of a port, and then put that onto a duplicate port where you can capture it or…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
Securing networks6m 48s
-
Switches7m 27s
-
(Locked)
Routers8m 27s
-
(Locked)
Wireless and mesh3m 23s
-
(Locked)
Firewalls11m 30s
-
(Locked)
Proxies6m 59s
-
(Locked)
Gateways4m 39s
-
(Locked)
IDS and IPS6m 29s
-
(Locked)
Network access control2m 56s
-
(Locked)
Remote access8m 59s
-
(Locked)
Unified communication19m 8s
-
(Locked)
Cloud vs. on-premises4m 49s
-
(Locked)
DNSSEC4m 16s
-
(Locked)
Load balancer6m 48s
-
-
-
Securing architectures1m 16s
-
Traffic mirroring4m 23s
-
(Locked)
Network sensors11m 46s
-
(Locked)
Host sensors6m 15s
-
(Locked)
Layer 2 segmentation5m 14s
-
(Locked)
Network segmentation13m 14s
-
(Locked)
Server segmentation10m 51s
-
(Locked)
Zero trust6m 37s
-
(Locked)
Merging networks5m 32s
-
(Locked)
Software-defined networking5m 27s
-
-
-
Cloud and virtualization1m 6s
-
Cloud deployment models4m 34s
-
(Locked)
Cloud service models5m 7s
-
(Locked)
Deployment considerations4m 57s
-
(Locked)
Provider limitations2m 59s
-
(Locked)
Extending controls5m 6s
-
(Locked)
Provisioning and deprovision2m 59s
-
(Locked)
Storage models5m 22s
-
(Locked)
Virtualization7m 56s
-
-
-
Authentication and authorization1m 44s
-
Access control4m 47s
-
(Locked)
Credential management4m 27s
-
(Locked)
Password policies8m 2s
-
(Locked)
Multifactor authentication8m 25s
-
(Locked)
Authentication protocols10m
-
(Locked)
Federation7m 2s
-
(Locked)
Root of trust4m 24s
-
(Locked)
Attestation2m 14s
-
(Locked)
Identity proofing3m 33s
-
-
-
Emerging technology4m 18s
-
Artificial intelligence and machine learning8m 55s
-
(Locked)
Deep learning8m 58s
-
(Locked)
Big data4m 40s
-
(Locked)
Blockchain distributed consensus5m 36s
-
(Locked)
Passwordless authentication5m 17s
-
(Locked)
Homomorphic encryption3m 37s
-
(Locked)
Virtual and augmented reality4m 32s
-
(Locked)
3D printing3m 3s
-
(Locked)
Quantum computing5m 34s
-
-
-
(Locked)
Threat and vulnerability management1m 56s
-
(Locked)
Threat intelligence6m 19s
-
(Locked)
Threat hunting6m 43s
-
(Locked)
Intelligence collection11m 9s
-
(Locked)
Threat actors9m 21s
-
(Locked)
Threat management frameworks12m 45s
-
(Locked)
Vulnerability management activities11m 44s
-
(Locked)
Security Content Automation Protocol7m 21s
-
(Locked)
-
-
(Locked)
Analyzing vulnerabilities1m 22s
-
(Locked)
Race conditions4m 58s
-
(Locked)
Buffer overflows12m 27s
-
(Locked)
Authentication and references5m 56s
-
(Locked)
Ciphers and certificates10m 46s
-
(Locked)
Improper headers6m 9s
-
(Locked)
Software composition9m 49s
-
(Locked)
Vulnerable web applications11m 45s
-
(Locked)
-
-
(Locked)
Attacking vulnerabilities1m 15s
-
(Locked)
Directory traversals9m 48s
-
(Locked)
Cross-Site Scripting (XSS)8m 59s
-
(Locked)
Cross-site request forgery (CSRF)7m 15s
-
(Locked)
SQL injections7m 5s
-
(Locked)
XML injections6m 29s
-
(Locked)
Other injection attacks4m 21s
-
(Locked)
Authentication bypass6m 45s
-
(Locked)
VM attacks4m 52s
-
(Locked)
Network Attacks11m 3s
-
(Locked)
Social engineering7m 15s
-
(Locked)
-
-
(Locked)
Enterprise mobility2m 36s
-
(Locked)
Enterprise mobility management9m 36s
-
(Locked)
WPA37m 20s
-
(Locked)
Connectivity options8m 48s
-
(Locked)
Security configurations8m 8s
-
(Locked)
DNS protection3m 15s
-
(Locked)
Deployment options4m 38s
-
(Locked)
Reconnaissance concerns8m
-
(Locked)
Mobile security7m 50s
-
(Locked)
-
-
(Locked)
Endpoint security controls2m 24s
-
(Locked)
Device hardening8m 30s
-
(Locked)
Patching4m 41s
-
(Locked)
Security settings5m 41s
-
(Locked)
Mandatory access controls (MAC)6m 44s
-
(Locked)
Secure boot5m 49s
-
(Locked)
Hardware encryption4m 48s
-
(Locked)
Endpoint protections9m 54s
-
(Locked)
Logging and monitoring6m 14s
-
(Locked)
Resiliency6m 4s
-
(Locked)
-
-
(Locked)
Cloud technologies2m 37s
-
(Locked)
Business continuity and disaster recovery7m 51s
-
(Locked)
Cloud encryption5m 23s
-
(Locked)
Serverless computing8m 54s
-
(Locked)
Software-defined networking (SDN)6m 52s
-
(Locked)
Log collection and analysis4m 22s
-
(Locked)
Cloud application security broker6m 16s
-
(Locked)
Cloud misconfigurations10m 57s
-
(Locked)
-
-
(Locked)
Asymmetric algorithms2m 11s
-
(Locked)
Using asymmetric algorithms9m 28s
-
(Locked)
SSL, TLS, and cipher suites8m 21s
-
(Locked)
S/MIME and SSH7m 27s
-
(Locked)
EAP5m 39s
-
(Locked)
IPSec14m 34s
-
(Locked)
Elliptic curve cryptography (ECC)3m 33s
-
(Locked)
Forward secrecy3m 35s
-
(Locked)
Authenticated encryption with associated data (AEAD)1m 53s
-
(Locked)
Key stretching4m 30s
-
(Locked)
-
-
(Locked)
Public key infrastructure4m 30s
-
(Locked)
PKI components10m 18s
-
(Locked)
Digital certificates7m 44s
-
(Locked)
Using digital certificates5m 40s
-
(Locked)
Trust models4m 28s
-
(Locked)
Certificate management2m 44s
-
(Locked)
Certificate validity: CRL and OCSP3m 48s
-
(Locked)
Protecting web traffic3m 30s
-
(Locked)
Troubleshooting certificates5m 22s
-
(Locked)
Troubleshooting keys3m 35s
-
(Locked)