Logo

Maxtrain.com - [email protected] - 513-322-8888 - 866-595-6863

M2-CNFEMOD

Certified Network Forensics Examiner- On-Demand

Add to Wishlist

Description

MILE2-Federal-Approval_Certified-Network-Forensics-Examiner

The Certified Network Forensics Examiner, C)NFE, certification was developed for a U.S. classified government agency. It’s purpose is to push students with a digital and network forensic skill set to the next level. In this course you will navigate through 20+ modules of network forensic topics. This is a 5 day Instructor Led Class.

The C)NFE provides practical experience through our lab exercises that simulate real-world scenarios covering investigation and recovery of data in network.

The C)NFE focuses on centralizing and investigating logging systems as well as network devices. Take your forensics career to the next level with Mile2’s Network Forensics Engineer course.

Upon Completion

Students will:

  • Have knowledge to perform network forensic examinations.
  • Have knowledge to accurately report on their findings from examinations
  • Be ready to sit for the C)NFE Exam

Comprised of 20 modules and 9 labs. The C)NFE will enhance your digital forensic competence by adding more advanced network forensics expertise and experience through discussions and practice.

Exam Information

The Certified Network Forensics Examiner exam is taken online through Mile2’s Learning Management System and is accessible on you Mile2.com account.  The exam will take approximately 2 hours and consist of 100 multiple choice questions. A minimum grade of 70% is required for certification.

Mile2 is Accredited by the NSA-CNSS, Approved on Homelands Security NICCS Framework, and is on the FBI’s Tier 1-3 Certification Training Chart.

Self-Study Package includes (1-year access):

  1. Individual Course Access
  2. Online Course Video
  3. E-Book
  4. Exam Simulator
  5. Exam Prep
  6. Exam  

Outline

1: Digital Evidence Concepts

  • Overview
  • Concepts in Digital Evidence
  • Section Summary
  • Summary

2: Network Evidence Challenges

  • Overview
  • Challenges Relating to Network Evidence
  • Section Summary
  • Summary

3: Network Forensics Investigative Methodology

  • Overview
  • OSCAR Methodology
  • Section Summary
  • Summary

4: Network-Based Evidence

  • Overview
  • Sources of Network-Based Evidence
  • Section Summary
  • Summary

5: Network Principles

  • Background
  • History
  • Functionality
  • FIGURE 5-1 The OSI Model
  • Functionality
  • Encapsulation/De-encapsulation
  • FIGURE 5-2 OSI Model Encapsulation
  • Encapsulation/De-encapsulation
  • FIGURE 5-3 OSI Model peer layer logical channels
  • Encapsulation/De-encapsulation
  • FIGURE 5-4 OSI Model data names
  • Section Summary
  • Summary

6: Internet Protocol Suite

  • Overview
  • Internet Protocol Suite
  • Section Summary
  • Summary

7: Physical Interception

  • Physical Interception
  • Section Summary
  • Summary

8: Traffic Acquisition Software

  • Agenda
  • Libpcap and WinPcap
  • LIBPCAP
  • WINPCAP
  • Section Summary
  • BPF Language
  • Section Summary
  • TCPDUMP
  • Section Summary
  • WIRESHARK
  • Section Summary
  • TSHARK
  • Section Summary
  • Summary

9: Live Acquisition

  • Agenda
  • Common Interfaces
  • Section Summary
  • Inspection Without Access
  • Section Summary
  • Strategy
  • Section Summary
  • Summary

10: Analysis

  • Agenda
  • Protocol Analysis
  • Section Summary
  • Section 02
  • Packet Analysis
  • Section Summary
  • Section 03
  • Flow Analysis
  • Protocol Analysis
  • Section Summary
  • Section 04
  • Higher-Layer Traffic Analysis
  • Section Summary
  • Summary

11: Layer 2 Protocol

  • Agenda
  • The IEEE Layer 2 Protocol Series
  • Section Summary
  • Summary

12: Wireless Access Points

  • Agenda
  • Wireless Access Points (WAPs)
  • Section Summary
  • Summary

13: Wireless Capture Traffic and Analysis

  • Agenda
  • Wireless Traffic Capture and Analysis
  • Section Summary
  • Summary

14: Wireless Attacks

  • Agenda
  • Common Attacks
  • Section Summary
  • Summary

15: NIDS_Snort

  • Agenda
  • Investigating NIDS/NIPS
  • and Functionality
  • Section Summary
  • NIDS/NIPS Evidence Acquisition
  • Section Summary
  • Comprehensive Packet Logging
  • Section Summary
  • Snort
  • Section Summary
  • Summary

16: Centralized Logging and Syslog

  • Agenda
  • Sources of Logs
  • Section Summary
  • Network Log Architecture
  • Section Summary
  • Collecting and Analyzing Evidence
  • Section Summary
  • Summary

17: Investigating Network Devices

  • Agenda
  • Storage Media
  • Section Summary
  • Switches
  • Section Summary
  • Routers
  • Section Summary
  • Firewalls
  • Section Summary
  • Summary

18: Web Proxies and Encryption

  • Agenda
  • Web Proxy Functionality
  • Section Summary
  • Web Proxy Evidence
  • Section Summary
  • Web Proxy Analysis
  • Section Summary
  • Encrypted Web Traffic
  • Section Summary
  • Summary

19: Network Tunneling

  • Agenda
  • Tunneling for Functionality
  • Section Summary
  • Tunneling for Confidentiality
  • Section Summary
  • Covert Tunneling
  • Section Summary
  • Summary

20: Malware Forensics

  • Trends in Malware Evolution
  • Section Summary
  • Summary

Labs:

1: Working with captured files

  • Exercise 1: HTTP.pcap
  • Exercise 2: SMB.pcap
  • Exercise 3: SIP_RTP.pcap

The rest of this lab's information is proprietary

2: Layer 2 Attacks & Active Evidence Acquisition

  • Exercise 1: Analyze the capture of macof.
  • Exercise 2: Manipulating the STP root bridge election process
  • Exercise 3: Acquiring Evidence
  • Exercise 4: Understanding Evidence

The rest of this lab's information is proprietary

3: Preparing for Packet Inspection

  • Working with Packet Inspection tools

The rest of this lab's information is proprietary

4: Analyzing Packet Captures

  • Exercise 1: Analyze TKIP and CCMP Frames starting from 4-Way Handshake process

The rest of this lab's information is proprietary

5: Case Study: ABC Real Estate

  • Scenario Introduction
  • Digital Forensic Exercises

The rest of this lab's information is proprietary

6: NIDS/NIPS

  • Exercise 1: Use Snort as Packet Sniffer
  • Exercise 2: Use Snort as a packet logger
  • Exercise 3: Check Snort`s IDS abilities with pre-captured attack pattern files

The rest of this lab's information is proprietary

7: Syslog Exercise

  • Using the Syslog in a forensic investigation on a network.

The rest of this lab's information is proprietary

8: Network Device Log

  • Accessing the Network Device Log
  • Understanding the Network Device Log

The rest of this lab's information is proprietary

9: SSL

  • Exercise 1: Decrypting SSL Traffic by using a given Certificate Private Key
  • Exercise 2: SSL and Friendly Man-in-the-middle

The rest of this lab's information is proprietary

PreRequisites

  • 2 years networking experience
  • 2 years in IT Secuirty
  • Working knowledge of TCPIP

Audience

  • Digital and Network Forensics Examiners
  • IS Managers
  • Network Auditors
  • IT Managers
$995.00


Add to Wishlist
MAX Educ. Savings
Category:
Loading ...