Home > Support > Training / Courses >

print

Course Outline

WP-201 Advanced Network Analysis and Troubleshooting ("Packets Never Lie")

Duration
Public Class Duration: 3 Days (prerequisite of WP-200 STRONGLY recommended)
Web-Delivered Class Duration: 4 half days (9:30 AM PT - 12:00 PM PT M-TH)

Prerequisite: WP-200 strongly recommended

Overview and Method
This course dives deeper into protocol analysis, particularly a more thorough understanding of TCP/IP and related protocol variants, both benevolent and nefarious. It builds on the troubleshooting concepts in WP-200 to include long-term statistics gathering, monitoring, and general network health. The in-class activities are a bit more advanced, often combining concepts in more complex scenarios for students to decipher. Successful graduates from this class will be ready to immediately apply skills in real-world environments

1. Introduction and Overview
   1. Introductions and logistics
   2. Class organization
   3. Special slides and notations
   4. Philosophy
2. The Internet Protocol (IP) In-Depth
   1. Overview of
   2. The IP header and its fields
   3. IP Type of Service and Differentiated Services
   4. Using the IP ID to assess remote load
   5. IP Fragmentation Services
   6. IP Options
3. ARP
   1. Important ARP facts
   2. Expected ARP behavior
   3. ARP Types
   4. ARP security
4. UDP and TCP Conversations
   1. Review of the Transport Layer
   2. Reliable vs. unreliable communications
   3. Overview of UDP application layer protocols
5. ICMP
   1. Examples of ICMP messages
   2. The ICMP header
   3. ICMP message types
6. DHCP
   1. Basic DHCP operations: DORA
   2. Other DHCP messages
   3. Problems with DHCP
   4. Analyzing DHCP
   5. Troubleshooting DHCP
7. DNS
   1. DNS organization
   2. DNS in the Peek analyzer
   3. DNS packet structure and the DNS header
   4. Troubleshooting DNS
8. IGMP and Multicasts
   1. Layer 2 multicast groups
   2. The IGMP header
   3. IGMP in the Peek analyzer
9. SNMP and Rmon
   1. The SNMP MIB
   2. SNMP packets in the Peek analyzer
   3. What is RMON?
   4. SNMP troubleshooting techniques
10. IP Security
    1. IP header review
    2. Security-related IP header fields
    3. Types of exploits
11. Packet Biathlon – OmniPeek*
    1. This intensive hands-on lab will allow students to use the OmniPeek Product Family focusing on analysis situations. The course is comprised of a series of in-depth, instructor lead scenarios and trace files that effect an enterprise operation.