Maxtrain.com - info@maxtrain.com - 513-322-8888 - 866-595-6863
Certified Network Forensics Engineer On-Demand
Description
Certified Network Forensics Engineer On-Demand Introduction
The Certified Network Forensics Engineer C)NFE certification, developed specifically for U.S. classified government sectors, is designed to enhance the digital and network forensic capabilities of its participants.
Over a comprehensive five-day, instructor-led course, students will explore over 20 modules that cover a breadth of network forensic topics, diving deep into the practical and theoretical aspects of the field.
This course offers an exceptional opportunity to immerse yourself in the world of network forensics through hands-on labs that simulate real-life scenarios.
These practical exercises are pivotal for understanding how to effectively gather and analyze forensic data in network environments, examine logs systematically, and investigate network devices.
Given the increasing sophistication of cyber threats, the skills developed in this course are more crucial than ever, preparing participants to meet the demands of current and future cybersecurity challenges.
Certified Network Forensics Engineer On-Demand Course Objectives
- Have the knowledge to perform network forensic examinations.
- Have the knowledge to accurately report on their findings from examinations.
- Be ready to sit for the C)NFE Exam.
Certified Network Forensics Engineer Exam Information
- The exam will take approximately 2 hours and consist of 100 multiple-choice questions.
- A minimum grade of 70% is required for certification.
- The Certified Network Forensics Examiner exam is taken online through Mile2’s Learning Management System and is accessible on a Mile2.com account.
Prerequisites
- 2 years networking experience
- 2 years in IT Security
- Working knowledge of TCP/IP
Audience
- Digital and Network Forensics Examiners
- IS Managers
- Network Auditors
- IT Managers
Certified Network Forensics Engineer On-Demand Outline
Digital Evidence Concepts
- Overview
- Concepts in Digital Evidence
- Section Summary
- Summary
Network Evidence Challenges
- Overview
- Challenges Relating to Network Evidence
- Section Summary
- Summary
Network Forensics Investigative Methodology
- Overview
- OSCAR Methodology
- Section Summary
- Summary
Network-Based Evidence
- Overview
- Sources of Network-Based Evidence
- Section Summary
- Summary
Network Principles
- Background
- History
- Functionality
- The OSI Model and Encapsulation/De-encapsulation
Internet Protocol Suite
- Overview
- Internet Protocol Suite
- Section Summary
- Summary
Physical Interception
- Physical Interception
- Section Summary
- Summary
Traffic Acquisition Software
- Agenda
- Libpcap and WinPcap (LIBPCAP, WINPCAP)
- BPF Language
- TCPDUMP
- WIRESHARK
- TSHARK
- Summary
Live Acquisition
- Agenda
- Common Interfaces
- Inspection Without Access
- Strategy
- Summary
Analysis
- Agenda
- Protocol Analysis
- Packet Analysis
- Flow Analysis
- Higher-Layer Traffic Analysis
- Summary
Layer 2 Protocol
- Agenda
- The IEEE Layer 2 Protocol Series
- Section Summary
- Summary
Wireless Access Points
- Agenda
- Wireless Access Points (WAPs)
- Section Summary
- Summary
Wireless Capture Traffic and Analysis
- Agenda
- Wireless Traffic Capture and Analysis
- Section Summary
- Summary
Wireless Attacks
- Agenda
- Common Attacks
- Section Summary
- Summary
NIDS_Snort
- Agenda
- Investigating NIDS/NIPS
- NIDS/NIPS Evidence Acquisition
- Comprehensive Packet Logging
- Snort
- Summary
Centralized Logging and Syslog
- Agenda
- Sources of Logs
- Network Log Architecture
- Collecting and Analyzing Evidence
- Summary
Investigating Network Devices
- Agenda
- Storage Media
- Switches
- Routers
- Firewalls
- Summary
Web Proxies and Encryption
- Agenda
- Web Proxy Functionality
- Web Proxy Evidence
- Web Proxy Analysis
- Encrypted Web Traffic
- Summary
Network Tunneling
- Agenda
- Tunneling for Functionality
- Tunneling for Confidentiality
- Covert Tunneling
- Summary
Malware Forensics
- Trends in Malware Evolution
- Section Summary
- Summary
Labs
- Lab 1: Working with captured files (HTTP.pcap, SMB.pcap, SIP_RTP.pcap)
- Lab 2: Layer 2 Attacks & Active Evidence Acquisition
- Lab 3: Preparing for Packet Inspection
- Lab 4: Analyzing Packet Captures
- Lab 5: Case Study: ABC Real Estate
- Lab 6: NIDS/NIPS
- Lab 7: Syslog Exercise
- Lab 8: Network Device Log
- Lab 9: SSL
Accreditation:
Mile2 is accredited by the NSA-CNSS, approved on the Homeland Security NICCS Framework, and is on the FBI’s Tier 1-3 Certification Training Chart.
$1095.00