(855) 289-4728

All Site Content

CNFE - Certified Network Forensics Examiner

Price: $3495

Duration: 5 Days

Audience:

Level:

Technology: CyberSecurity

Delivery Method:

Software Assurance Value:

Microsoft CPE:

Course Information

Course Description

The C)NFE will take your digital forensic skill set to the next level by navigating through over twenty (20) modules of network forensic topics, and providing you with hands-on practical experience through our extensive lab exercises that walk you through real-world situations.

With the skill set of a C)NFE, students can understand exactly what is going on in a network to ensure its proper use by those entrusted with access. Every organization can benefit by deploying a C)NFE to audit their network to discover how their resources are being utilized.

Course Objectives

Upon CompletionStudents will:

Have knowledge to perform network forensic examinations.

Have knowledge to accurately report on their findings from examinations

Be ready to sit for the C)NFE Exam

Follow-on Courses:

C)SLO: Security Leadership Officer

Course Content

Comprised of 20 modules and 9 labs. The C)NFE will enhance your digital forensic competency by adding more advanced network forensics expertise and experience through interactive discussions, demonstrations, and lab exercises.

Course Audience

Forensic Auditors

IT Auditors

Law Enforcement

IT Professionals

Course Outline

Digital Evidence Concepts

Overview

Concepts in Digital Evidence

Section Summary

Summary

Network Evidence Challenges

Overview

Challenges Relating to Network Evidence

Section Summary

Summary

Network Forensics Investigative Methodology

Overview

OSCAR Methodology

Section Summary

Summary

Network-Based Evidence

Overview

Sources of Network-Based Evidence

Section Summary

Summary

Network Principles

Background

History

Functionality

FIGURE 5-1 The OSI Model

Functionality

Encapsulation/De-encapsulation

FIGURE 5-2 OSI Model Encapsulation

Encapsulation/De-encapsulation

FIGURE 5-3 OSI Model peer layer logical channels

Encapsulation/De-encapsulation

FIGURE 5-4 OSI Model data names

Section Summary

Summary

Internet Protocol Suite

Overview

Internet Protocol Suite

Section Summary

Summary

Physical Interception

Physical Interception

Section Summary

Summary

Traffic Acquisition Software

Agenda

Libpcap and WinPcap

LIBPCAP

WINPCAP

Section Summary

BPF Language

Section Summary

TCPDUMP

Section Summary

WIRESHARK

Section Summary

TSHARK

Section Summary

Summary

Live Acquisition

Agenda

Common Interfaces

Section Summary

Inspection Without Access

Section Summary

Strategy

Section Summary

Summary

Analysis

Agenda

Protocol Analysis

Section Summary

Section 02

Packet Analysis

Section Summary

Section 03

Flow Analysis

Protocol Analysis

Section Summary

Section 04

Higher-Layer Traffic Analysis

Section Summary

Summary

Layer 2 Protocol

Agenda

The IEEE Layer 2 Protocol Series

Section Summary

Summary

Wireless Access Points

Agenda

Wireless Access Points (WAPs)

Section Summary

Summary

Wireless Capture Traffic and Analysis

Agenda

Wireless Traffic Capture and Analysis

Section Summary

Summary

Wireless Attacks

Agenda

Common Attacks

Section Summary

Summary

NIDS_Snort

Agenda

Investigating NIDS/NIPS

and Functionality

Section Summary

NIDS/NIPS Evidence Acquisition

Section Summary

Comprehensive Packet Logging

Section Summary

Snort

Section Summary

Summary

Centralized Logging and Syslog

Agenda

Sources of Logs

Section Summary

Network Log Architecture

Section Summary

Collecting and Analyzing Evidence

Section Summary

Summary

Investigating Network Devices

Agenda

Storage Media

Section Summary

Switches

Section Summary

Routers

Section Summary

Firewalls

Section Summary

Summary

Web Proxies and Encryption

Agenda

Web Proxy Functionality

Section Summary

Web Proxy Evidence

Section Summary

Web Proxy Analysis

Section Summary

Encrypted Web Traffic

Section Summary

Summary

Network Tunneling

Agenda

Tunneling for Functionality

Section Summary

Tunneling for Confidentiality

Section Summary

Covert Tunneling

Section Summary

Summary

Malware Forensics

Trends in Malware Evolution

Section Summary

Summary

Course Prerequisites

C)DFE: Digital Forensics Examiner

OR Equivalent Experience

CNFE - Certified Network Forensics Examiner

Price: $3495

Duration: 5 Days

Audience:

Level:

Technology: CyberSecurity

Delivery Method:

Software Assurance Value:

Microsoft CPE:

Course Information

Course Description

Course Outline

Digital Evidence Concepts

Overview

Concepts in Digital Evidence

Section Summary

Summary

Network Evidence Challenges

Overview

Challenges Relating to Network Evidence

Section Summary

Summary

Network Forensics Investigative Methodology

Overview

OSCAR Methodology

Section Summary

Summary

Network-Based Evidence

Overview

Sources of Network-Based Evidence

Section Summary

Summary

Network Principles

Background

History

Functionality

FIGURE 5-1 The OSI Model

Functionality

Encapsulation/De-encapsulation

FIGURE 5-2 OSI Model Encapsulation

Encapsulation/De-encapsulation

FIGURE 5-3 OSI Model peer layer logical channels

Encapsulation/De-encapsulation

FIGURE 5-4 OSI Model data names

Section Summary

Summary

Internet Protocol Suite

Overview

Internet Protocol Suite

Section Summary

Summary

Physical Interception

Physical Interception

Section Summary

Summary

Traffic Acquisition Software

Agenda

Libpcap and WinPcap

LIBPCAP

WINPCAP

Section Summary

BPF Language

Section Summary

TCPDUMP

Section Summary

WIRESHARK

Section Summary

TSHARK

Section Summary

Summary

Live Acquisition

Agenda

Common Interfaces

Section Summary

Inspection Without Access

Section Summary

Strategy

Section Summary

Summary

Analysis

Agenda

Protocol Analysis

Section Summary

Section 02

Packet Analysis

Section Summary

Section 03

Flow Analysis

Protocol Analysis

Section Summary

Section 04

Higher-Layer Traffic Analysis

Section Summary

Summary

Layer 2 Protocol

Agenda

The IEEE Layer 2 Protocol Series

Section Summary

Summary

Wireless Access Points

Agenda

Wireless Access Points (WAPs)

Section Summary

Summary

Wireless Capture Traffic and Analysis

Agenda

Wireless Traffic Capture and Analysis

Section Summary

Summary

Wireless Attacks

Agenda

Common Attacks

Section Summary

Summary

NIDS_Snort

Agenda

Investigating NIDS/NIPS

and Functionality

Section Summary

NIDS/NIPS Evidence Acquisition

Section Summary

Comprehensive Packet Logging

Section Summary

Snort

Section Summary

Summary

Centralized Logging and Syslog

Agenda

Sources of Logs

Section Summary

Network Log Architecture

Section Summary

Collecting and Analyzing Evidence

Section Summary

Summary

Investigating Network Devices

Agenda

Storage Media

Section Summary

Switches

Section Summary

Routers

Section Summary

Firewalls

Section Summary

Summary

Web Proxies and Encryption

Agenda

Web Proxy Functionality

Section Summary

Web Proxy Evidence

Section Summary

Web Proxy Analysis

Section Summary

Encrypted Web Traffic

Section Summary

Summary

Network Tunneling

Agenda

Tunneling for Functionality

Section Summary

Tunneling for Confidentiality

Section Summary

Covert Tunneling

Section Summary

Summary

Malware Forensics

Trends in Malware Evolution

Section Summary

Summary

Course Prerequisites

C)DFE: Digital Forensics Examiner

OR Equivalent Experience

Course Objectives

Upon CompletionStudents will:

Have knowledge to perform network forensic examinations.

Have knowledge to accurately report on their findings from examinations

Be ready to sit for the C)NFE Exam

Follow-on Courses:

C)SLO: Security Leadership Officer

Course Content

Course Audience

Forensic Auditors

IT Auditors

Law Enforcement

IT Professionals

Course Schedule
This course is not scheduled yet.

Upcoming Training

Mar 15-19	SEC+ - Security+ Prep
Apr 19-23	SEC+ - Security+ Prep
May 17-21	SEC+ - Security+ Prep
Jun 21-25	SEC+ - Security+ Prep

Main Navigation

Recent Blog Posts

Mobile Learning and Windows 8...

Testimonials

Great instructor, I learned much more than I expected - also great selection of snacks and drinks.

Monica

GSAtrain

CNFE - Certified Network Forensics Examiner

Course Information

Course Description

Course Objectives

Course Audience

Course Outline

Course Prerequisites

CNFE - Certified Network Forensics Examiner

Course Information

Course Description

Course Outline

Course Prerequisites

Course Objectives

Course Audience

Upcoming Training

Main Navigation