Certified Network Forensics Engineer C)NFE
Description
Certified Network Forensics Engineer C)NFE Introduction
The Certified Network Forensics Engineer C)NFE program is a comprehensive course meticulously crafted to enhance the expertise of professionals in the realm of network and digital forensics. This course, originally developed for a highly specialized U.S. government agency, stands as a benchmark for advanced skills in investigating and analyzing network-related incidents.
The 5-day, instructor-led training encompasses over 20 detailed modules that delve into the complexities of network forensic techniques and practices. Designed for individuals with a solid foundation in networking (at least 2 years of experience) and IT security (also 2 years of experience), this course is a stepping stone towards becoming a proficient network forensic expert.
Throughout the C)NFE course, participants are engaged in an interactive learning environment, enriched with lab exercises that mirror real-world scenarios. These hands-on sessions are pivotal in understanding the nuances of network forensics, such as the centralization and examination of logging systems and network devices.
The curriculum is tailored to equip students with the skills necessary for effectively conducting network forensic investigations, ensuring the integrity and accuracy of data recovery processes. Upon completing the course, participants will not only be adept in forensic methodologies but also be well-prepared to take the C)NFE Exam, paving the way to certification in the field.
Prepare for a successful career in network forensics by enrolling in the Certified Network Forensics Engineer C)NFE course. Gain the skills, knowledge, and certification required to excel in investigating and recovering data in network environments.
Certified Network Forensics Engineer C)NFE Course Objectives
- Understand Network Forensic Fundamentals: Gain a solid grounding in the principles and practices of network forensics, including incident response and evidence handling.
- Master Analytical Techniques: Learn to effectively analyze network logs and devices to identify and respond to security breaches.
- Hands-on Lab Experience: Engage in detailed lab exercises that replicate current challenges in network forensics, enhancing real-world problem-solving skills.
- Data Integrity and Recovery: Develop techniques for ensuring the integrity of data during recovery processes and forensic investigations.
- Preparation for C)NFE Certification: Acquire the knowledge and skills needed to successfully attempt the C)NFE certification exam.
Certified Network Forensics Engineer Exam Information
- The exam consists of 100 multiple-choice questions and takes approximately 2 hours to complete.
- A minimum grade of 70% is required for certification.
- The Certified Network Forensics Examiner exam is taken online through Mile2’s Learning Management System and is accessible on your Mile2.com account.
Prerequisites
Before enrolling in this course, participants should meet the following prerequisites:
- 2 years of networking experience
- 2 years of experience in IT security
- Working knowledge of TCP/IP
Audience
- Digital and Network Forensics Examiners
- Information Security Managers
- Network Auditors
- IT Managers
Certified Network Forensics Engineer C)NFE Course Outline
Digital Evidence Concepts
- Overview
- Concepts in Digital Evidence
- Section Summary
- Summary
Network Evidence Challenges
- Overview
- Challenges Relating to Network Evidence
- Section Summary
- Summary
Network Forensics Investigative Methodology
- Overview
- OSCAR Methodology
- Section Summary
- Summary
Network-Based Evidence
- Overview
- Sources of Network-Based Evidence
- Section Summary
- Summary
Network Principles
- Background
- History
- Functionality
- The OSI Model
- Encapsulation/De-encapsulation
Internet Protocol Suite
- Overview
- Internet Protocol Suite
- Section Summary
- Summary
Physical Interception
- Physical Interception
- Section Summary
- Summary
Traffic Acquisition Software
- Agenda
- Libpcap and WinPcap (LIBPCAP, WINPCAP)
- BPF Language
- TCPDUMP
- WIRESHARK
- TSHARK
- Summary
Live Acquisition
- Agenda
- Common Interfaces
- Inspection Without Access
- Strategy
- Summary
Analysis
- Agenda
- Protocol Analysis
- Packet Analysis
- Flow Analysis
- Higher-Layer Traffic Analysis
- Summary
Layer 2 Protocol
- Agenda
- The IEEE Layer 2 Protocol Series
- Section Summary
- Summary
Wireless Access Points
- Agenda
- Wireless Access Points (WAPs)
- Section Summary
- Summary
Wireless Capture Traffic and Analysis
- Agenda
- Wireless Traffic Capture and Analysis
- Section Summary
- Summary
Wireless Attacks
- Agenda
- Common Attacks
- Section Summary
- Summary
NIDS_Snort
- Agenda
- Investigating NIDS/NIPS
- NIDS/NIPS Evidence Acquisition
- Comprehensive Packet Logging
- Snort
- Summary
Centralized Logging and Syslog
- Agenda
- Sources of Logs
- Network Log Architecture
- Collecting and Analyzing Evidence
- Summary
Investigating Network Devices
- Agenda
- Storage Media
- Switches
- Routers
- Firewalls
- Summary
Web Proxies and Encryption
- Agenda
- Web Proxy Functionality
- Web Proxy Evidence
- Web Proxy Analysis
- Encrypted Web Traffic
- Summary
Network Tunneling
- Agenda
- Tunneling for Functionality
- Tunneling for Confidentiality
- Covert Tunneling
- Summary
Malware Forensics
- Trends in Malware Evolution
- Section Summary
- Summary
Labs
- Lab 1: Working with captured files (HTTP.pcap, SMB.pcap, SIP_RTP.pcap)
- Lab 2: Layer 2 Attacks & Active Evidence Acquisition
- Lab 3: Preparing for Packet Inspection
- Lab 4: Analyzing Packet Captures
- Lab 5: Case Study: ABC Real Estate
- Lab 6: NIDS/NIPS
- Lab 7: Syslog Exercise
- Lab 8: Network Device Log
- Lab 9: SSL
Accreditation:
Mile2 is accredited by the NSA-CNSS, approved on the Homeland Security NICCS Framework, and is on the FBI’s Tier 1-3 Certification Training Chart.
$3500.00 | 5 Days Course