So, I have decided to create a roadmap for myself in order to achieve my goal of being a detection engineer.
One of those steps includes understanding network fundamentals and being able to analyze traffic (the abnormal vs normal).
I decided to take the Introduction to Network Analysis course by Security Blue Team.
This was definitely one of the more challenging courses that I have taken. I do not use Wireshark on a day-to-day basis; this was also my first time using tcpdump.
Both tools are used to analyze network traffic to identify malicious or unusual activity. Wireshark provides a graphical user interface (GUI), whereas tcpdump is used from the command line.
I did contact them to ask whether I could post a walk-through tutorial of the course; it is not permitted. However, I like that about Security Blue Team.
Experience
Total Days to Complete: 2 days
Averaged Score: 83.75%
Benefits: Hands-on experience with tools
Cons: Lack of support for users (as in helping guide them to the correct solution)