Wireshark for Windows Server Administrators

$1,250.00

Location: On-Site or Online
Pricing: $1,250 per seat (6-seat minimum)
Length: 3 Days

Course Summary

Wireshark for Windows Server Administrators is a practical, hands-on course designed to teach Windows infrastructure professionals how to analyze and troubleshoot network-related issues using Wireshark.

Students learn how Windows servers communicate on the network and how to use packet captures to diagnose authentication failures, name resolution issues, slow applications, file sharing problems, and domain communication errors. The course emphasizes practical troubleshooting scenarios rather than deep protocol theory.

By the end of the course, students are comfortable capturing traffic on Windows systems, applying filters, identifying common Windows protocols, and using packet evidence to solve real operational problems.

Course Outline

Day 1 – Packet Capture Fundamentals for Windows Admins

  • 💬 Lecture: Why Windows administrators need packet analysis

  • 💬 Lecture: Quick TCP/IP refresher for server troubleshooting

  • 💬 Lecture: Where to capture traffic in Windows environments

  • 💬 Lecture: Wireshark interface and core features

  • ⚙️ Lab: Installing Wireshark on Windows

  • ⚙️ Lab: Capturing traffic from a Windows server

  • ⚙️ Lab: Identifying Ethernet, IP, TCP, and UDP headers

  • ⚙️ Lab: Saving and reopening capture files

  • 💬 Lecture: Capture filters vs display filters

  • ⚙️ Lab: Filtering traffic by IP address and port

  • ⚙️ Lab: Building filters for specific protocols

  • ⚙️ Lab: Following TCP streams

Day 2 – Troubleshooting Common Windows Server Services

  • 💬 Lecture: Name resolution in Windows (DNS, NetBIOS)

  • 💬 Lecture: Active Directory and authentication basics

  • 💬 Lecture: SMB/CIFS file sharing traffic

  • ⚙️ Lab: Analyzing DNS queries and responses

  • ⚙️ Lab: Troubleshooting failed name resolution

  • ⚙️ Lab: Inspecting Kerberos authentication traffic

  • ⚙️ Lab: Identifying NTLM vs Kerberos usage

  • ⚙️ Lab: Tracing SMB file share connections

  • 💬 Lecture: Time synchronization and domain health

  • ⚙️ Lab: Capturing and analyzing NTP traffic

  • ⚙️ Lab: Identifying time-related authentication failures

Day 3 – Real-World Windows Troubleshooting Workflows

  • 💬 Lecture: Diagnosing slow or failing applications

  • 💬 Lecture: Client vs server responsibility in network issues

  • 💬 Lecture: TCP performance problems (retransmissions, latency)

  • ⚙️ Lab: Identifying slow TCP connections

  • ⚙️ Lab: Detecting retransmissions and packet loss

  • ⚙️ Lab: Measuring round-trip time (RTT)

  • 💬 Lecture: Structured troubleshooting with packet captures

  • 💬 Lecture: Best practices for capturing traffic in production

  • ⚙️ Lab: Troubleshooting a failed domain logon scenario

  • ⚙️ Lab: Diagnosing a broken file share connection

  • ⚙️ Lab: Building a repeatable Windows network troubleshooting workflow

  • ⚙️ Lab: Documenting findings using packet evidence

Outcomes

Students who complete Wireshark for Windows Server Administrators will be able to:

  • Capture and analyze network traffic on Windows systems

  • Identify DNS, Kerberos, SMB, and other Windows-related protocols

  • Troubleshoot authentication, file sharing, and name resolution issues

  • Recognize TCP performance problems affecting Windows services

  • Use packet captures as reliable evidence when diagnosing server issues
