C)NFE: Certified Network Forensics Examiner
About this Course
The Certified Network Forensics Examiner vendor neutral certification was developed for a U.S. classified government agency.
The C)NFE takes a digital and network forensic skill set to the next level by navigating through over twenty modules of network forensic topics.
The CNFE provides practical experience through our lab exercises that simulate real-world scenarios that cover investigation and recovery of data in network, Physical Interception, Traffic Acquisition, Analysis, Wireless Attacks and SNORT.
The course focuses on the centralizing and investigating of logging systems as well as network devices.
Mile2 Accreditations:
- Accredited by the NSA CNSS 4011-4016
- Is approved and has been placed on Homeland Security’s National Initiative for Cyber Security Careers and Studies (NICCS) training providers and maps to the National Cybersecurity Workforce Framework
- Preferred cyber certification for the FBI
Audience Profile
Digital & Network Forensic Engineers
IS & IT managers
Network Auditors
At Course Completion
Students will:
Have knowledge to perform network forensic examinations.
Have knowledge to accurately report on their findings from examinations
Be ready to sit for the C)NFE Exam
Outline
Module 1: Digital Evidence Concepts
Module 2: Network Evidence Challenges
Module 3: Network Forensics Investigative Methodology
Module 4: Network-Based Evidence
Module 5: Network Principles
Module 6: Internet Protocol Suite
Module 7: Physical Interception
Module 8: Traffic Acquisition Software
Module 9: Live Acquisition
Module 10: Analysis
Module 11: Layer 2 Protocol
Module 12: Wireless Access Points
Module 13: Wireless Capture Traffic and Analysis
Module 14: Wireless Attacks
Module 15: NIDS_Snort
Module 16: Centralized Logging and Syslog
Module 17: Investigating Network Devices
Module 18: Web Proxies and Encryption
Module 19: Network Tunneling
Module 20: Malware Forensics
Prerequisites
2 years of networking experience
2 years of IT Security
Working Knowledge of TCPIP