Price: $3495
Duration: 5 Days
Technology: CyberSecurity
The C)NFE will take your digital forensic skill set to the next level by navigating through over twenty (20) modules of network forensic topics, and providing you with hands-on practical experience through our extensive lab exercises that walk you through real-world situations.
With the skill set of a C)NFE, students can understand exactly what is going on in a network to ensure its proper use by those entrusted with access. Every organization can benefit by deploying a C)NFE to audit their network to discover how their resources are being utilized.
Upon Completion
Students will:
Have knowledge to perform network forensic examinations.
Have knowledge to accurately report on their findings from examinations.
Be ready to sit for the C)NFE Exam.
Follow-on Courses:
C)SLO: Security Leadership Officer
Course Content
Comprised of 20 modules and 9 labs. The C)NFE will enhance your digital forensic competency by adding more advanced network forensics expertise and experience through interactive discussions, demonstrations, and lab exercises.
Forensic Auditors
IT Auditors
Law Enforcement
IT Professionals
Digital Evidence Concepts
Overview
Concepts in Digital Evidence
Section Summary
Summary
Network Evidence Challenges
Challenges Relating to Network Evidence
Network Forensics Investigative Methodology
OSCAR Methodology
Network-Based Evidence
Sources of Network-Based Evidence
Network Principles
Background
History
Functionality
FIGURE 5-1 The OSI Model
Encapsulation/De-encapsulation
FIGURE 5-2 OSI Model Encapsulation
FIGURE 5-3 OSI Model peer layer logical channels
FIGURE 5-4 OSI Model data names
Internet Protocol Suite
Physical Interception
Traffic Acquisition Software
Agenda
Libpcap and WinPcap
LIBPCAP
WINPCAP
BPF Language
TCPDUMP
WIRESHARK
TSHARK
Live Acquisition
Common Interfaces
Inspection Without Access
Strategy
Analysis
Protocol Analysis
Section 02
Packet Analysis
Section 03
Flow Analysis
Section 04
Higher-Layer Traffic Analysis
Layer 2 Protocol
The IEEE Layer 2 Protocol Series
Wireless Access Points
Wireless Access Points (WAPs)
Wireless Capture Traffic and Analysis
Wireless Traffic Capture and Analysis
Wireless Attacks
Common Attacks
NIDS_Snort
Investigating NIDS/NIPS
and Functionality
NIDS/NIPS Evidence Acquisition
Comprehensive Packet Logging
Snort
Centralized Logging and Syslog
Sources of Logs
Network Log Architecture
Collecting and Analyzing Evidence
Investigating Network Devices
Storage Media
Switches
Routers
Firewalls
Web Proxies and Encryption
Web Proxy Functionality
Web Proxy Evidence
Web Proxy Analysis
Encrypted Web Traffic
Network Tunneling
Tunneling for Functionality
Tunneling for Confidentiality
Covert Tunneling
Malware Forensics
Trends in Malware Evolution
C)DFE: Digital Forensics Examiner
OR Equivalent Experience