US ARMY WOAC – Forensics 9-20




Cyber School WOAC - Advanced Protocol Analysis / Advanced Digital Forensics


Advanced Protocol Analysis

Learning Outcome: Given complex network traffic, the student will discern between benign and malicious network activity within more than 75% of the network traffic:

1) Identify multiple protocols within network traffic and identify advanced tunneling methods

2) Understanding of advanced encryption methodologies and secure protocols

3) Understanding of intrusion detection/prevention system signature development based on traffic analysis

4) Perform filtering and cutting of network traffic

5) Perform deep packet analysis and diagram network traffic with timeline analysis

6) Integrate knowledge of threat tactics, techniques, and procedures (TTP) into advanced network analysis

7) Develop advanced tunneling methods

8) Develop advanced intrusion detection/prevention system signatures and heuristic analysis development

9) Develop advanced encryption methodologies and secure protocols


Advanced Digital Forensics


Learning Outcome: Given a disk image, memory image, and captured network traffic activity, the student will compose a written assessment of malicious activity:

1) Comprehend forensic evidence collection with volatile and non-volatile data.

2) Understand different forensics tool suites such as FTK, EnCase, Magnet Axiom, or Autopsy.

3) Understand browser and email artifact analysis

4) Assess advanced memory analysis with Linux and Windows Systems

5) Assess advanced malware purposes, techniques, and construction

6) Assess mid-level malware changes to systems and networks

7) Comprehend advanced file and process signatures

8) Validate forensic evidence collection

9) Integrate knowledge of threat tactics, techniques, and procedures (TTP) into advanced memory analysis

10) Correlate multiple sources of data into a holistic timeline

11) Develop advanced file and process search capabilities

12) Present analysis of forensic conclusions in operator notes and executive reports.

13) Understand forensic analysis with enterprise platforms like Tanium, Endgame, Carbon Black, or Security Information and Event Management (SIEM) platforms.


Cybersecurity Certifications for Today's INFOSEC Careers

Mile2 Cybersecurity Certifications is a world-leader in providing accredited education, training, and certifications for INFOSEC professionals. We strive to deliver the best courseware, the strongest Cyber Range, and the most user-friendly exam system in the market.


Our training courses follow our role-based Certification Roadmap. Plus, many of our classes include hands-on skill development in our Cyber Range. We train students in penetration testing, disaster recovery, incident handling, and network forensics. Additionally, our Information Assurance training certification meets military, government, private sector and institutional specifications.



We've developed training for...

Canada Army Navy Airforce

The Canadian Department of National Defense


The United States Air Force

Defense Logistics Agency

A United States Counterintelligence Agency

Texas Workforce Commission
