1
00:00:07,080 --> 00:00:10,880
- Welcome to lesson 10, Network Intrusion Analysis.

2
00:00:10,880 --> 00:00:13,410
This lesson starts by introducing

3
00:00:13,410 --> 00:00:15,930
intrusion analysis fundamentals,

4
00:00:15,930 --> 00:00:19,970
examining packet captures and protocol headers.

5
00:00:19,970 --> 00:00:23,020
You will learn how to analyze security device data

6
00:00:23,020 --> 00:00:26,860
and the differences between false positives,

7
00:00:26,860 --> 00:00:31,330
false negatives, true positives and true negatives.

8
00:00:31,330 --> 00:00:35,170
You will learn how to compare inline traffic interrogation

9
00:00:36,618 --> 00:00:38,610
and taps or traffic monitoring.

10
00:00:38,610 --> 00:00:41,590
You will also learn how to extract files

11
00:00:41,590 --> 00:00:45,540
from a TCP stream when given a packet capture file

12
00:00:45,540 --> 00:00:49,570
in Wireshark and interpret common artifact elements

13
00:00:49,570 --> 00:00:52,423
from an event to identify an alert.