
Course ID

CNFE

Title

Certified Network Forensics Examiner

Price

$3,495.00

Duration

5 Days

Course Audience

Forensic Auditors

IT Auditors

Law Enforcement

IT Professionals


Course Objectives

Upon completion, students will:

Have the knowledge to perform network forensic examinations.

Have the knowledge to accurately report on their findings from examinations.

Be ready to sit for the C)NFE Exam.


Follow-on Courses:

C)SLO: Security Leadership Officer


Course Content

The course comprises 20 modules and 9 labs. The C)NFE will enhance your digital forensic competency by adding more advanced network forensics expertise and experience through interactive discussions, demonstrations, and lab exercises.


Course Description

The C)NFE will take your digital forensic skill set to the next level by navigating through over twenty (20) modules of network forensic topics, and providing you with hands-on practical experience through our extensive lab exercises that walk you through real-world situations.

With the skill set of a C)NFE, students can understand exactly what is going on in a network to ensure its proper use by those entrusted with access. Every organization can benefit by deploying a C)NFE to audit their network to discover how their resources are being utilized.


Course Prerequisites

C)DFE: Digital Forensics Examiner

OR Equivalent Experience


Course Outline

Digital Evidence Concepts

Overview

Concepts in Digital Evidence

Section Summary

Summary


Network Evidence Challenges

Overview

Challenges Relating to Network Evidence

Section Summary

Summary


Network Forensics Investigative Methodology

Overview

OSCAR Methodology

Section Summary

Summary


Network-Based Evidence

Overview

Sources of Network-Based Evidence

Section Summary

Summary


Network Principles

Background

History

Functionality

FIGURE 5-1 The OSI Model

Functionality

Encapsulation/De-encapsulation

FIGURE 5-2 OSI Model Encapsulation

Encapsulation/De-encapsulation

FIGURE 5-3 OSI Model peer layer logical channels

Encapsulation/De-encapsulation

FIGURE 5-4 OSI Model data names

Section Summary

Summary


Internet Protocol Suite

Overview

Internet Protocol Suite

Section Summary

Summary


Physical Interception

Physical Interception

Section Summary

Summary


Traffic Acquisition Software

Agenda

Libpcap and WinPcap

LIBPCAP

WINPCAP

Section Summary

BPF Language

Section Summary

TCPDUMP

Section Summary

WIRESHARK

Section Summary

TSHARK

Section Summary

Summary


Live Acquisition

Agenda

Common Interfaces

Section Summary

Inspection Without Access

Section Summary

Strategy

Section Summary

Summary


Analysis

Agenda

Protocol Analysis

Section Summary

Section 02

Packet Analysis

Section Summary

Section 03

Flow Analysis

Protocol Analysis

Section Summary

Section 04

Higher-Layer Traffic Analysis

Section Summary

Summary


Layer 2 Protocol

Agenda

The IEEE Layer 2 Protocol Series

Section Summary

Summary


Wireless Access Points

Agenda

Wireless Access Points (WAPs)

Section Summary

Summary


Wireless Capture Traffic and Analysis

Agenda

Wireless Traffic Capture and Analysis

Section Summary

Summary


Wireless Attacks

Agenda

Common Attacks

Section Summary

Summary


NIDS_Snort

Agenda

Investigating NIDS/NIPS and Functionality

Section Summary

NIDS/NIPS Evidence Acquisition

Section Summary

Comprehensive Packet Logging

Section Summary

Snort

Section Summary

Summary


Centralized Logging and Syslog

Agenda

Sources of Logs

Section Summary

Network Log Architecture

Section Summary

Collecting and Analyzing Evidence

Section Summary

Summary


Investigating Network Devices

Agenda

Storage Media

Section Summary

Switches

Section Summary

Routers

Section Summary

Firewalls

Section Summary

Summary


Web Proxies and Encryption

Agenda

Web Proxy Functionality

Section Summary

Web Proxy Evidence

Section Summary

Web Proxy Analysis

Section Summary

Encrypted Web Traffic

Section Summary

Summary


Network Tunneling

Agenda

Tunneling for Functionality

Section Summary

Tunneling for Confidentiality

Section Summary

Covert Tunneling

Section Summary

Summary


Malware Forensics

Trends in Malware Evolution

Section Summary

Summary


Status

Active

Technology

CyberSecurity

Category

Cybersecurity

SubCategory

Security Forensics

Details

Certified Network Forensics Examiner

Version: 4.0
Created at 5/12/2015 3:37 PM by Cole
Last modified at 6/29/2015 11:40 AM by GSATRAIN\Administrator