From the course: CompTIA CySA+ (CS0-002) Cert Prep: 5 Security Operations and Monitoring
Protocol analyzers
- [Instructor] Protocol analyzers are an important tool available to both network and security professionals. Protocol analyzers allow administrators to peer into the actual packets traveling on a network and inspect them in deep detail. This is very useful when trying to troubleshoot network issues or investigate security incidents. Protocol analyzers must be used carefully, however, because they can also jeopardize the confidentiality of sensitive information when they're used in the wrong hands. Let's take a look at a protocol analyzer in use. We're going to use Wireshark, the most common and free protocol analyzer. Right here I'm running Wireshark on a server that runs in the cloud, and I have an RDP session opened to this system from my laptop that's running over port 3389. I'm going to go here and just click start to initiate the packet capture. And immediately the screen begins filling up with lines of…