$950.00 On-Demand Learning

Overview

Course Includes:

  • Individual Course Access
  • Course Video
  • E-Workbook
  • E-Prep & Lab Guide
  • Exam
  • 2 Week Cyber Range
  • 1 Year Exam Voucher

Prerequisites:

  • Must have a Digital or Computer Forensics Certification or equivalent knowledge
  • 2 years of IT Security
  • Working knowledge of TCP/IP

Student Materials:

  • Student Workbook
  • Student Lab Guide
  • Student Exam Prep Guide

Certification Exam:

  • Mile2 C)NFE

CPEs: 40

Who Should Attend?

  • Digital & Network Forensic Engineers
  • IS & IT managers
  • Network Auditors

Upon Completion

Upon completion, Students will:

  • Have the knowledge to perform network forensic examinations.
  • Have the knowledge to accurately report on their findings from examinations.
  • Be ready to sit for the C)NFE Exam

The Certified Network Forensics Examiner (C)NFE) vendor-neutral certification was developed for a U.S. classified government agency. The C)NFE takes a digital and network forensic skill set to the next level by navigating through over twenty modules of network forensic topics. The C)NFE provides practical experience through lab exercises that simulate real-world scenarios covering investigation and recovery of data in a network, Physical Interception, Traffic Acquisition, Analysis, Wireless Attacks, and SNORT. The course focuses on centralizing and investigating logging systems as well as network devices.

Description

Course Outline

  • Module 1: Digital Evidence Concepts
  • Module 2: Network Evidence Challenges
  • Module 3: Network Forensics Investigative Methodology
  • Module 4: Network-Based Evidence
  • Module 5: Network Principles
  • Module 6: Internet Protocol Suite
  • Module 7: Physical Interception
  • Module 8: Traffic Acquisition Software Scanning
  • Module 9: Live Acquisition
  • Module 10: Analysis
  • Module 11: Layer 2 Protocol
  • Module 12: Wireless Access Points
  • Module 13: Wireless Capture Traffic and Analysis
  • Module 14: Wireless Attacks
  • Module 15: NIDS Snort
  • Module 16: Centralized Logging and Syslog
  • Module 17: Investigating Network Devices
  • Module 18: Web Proxies and Encryption
  • Module 19: Network Tunneling Scanning
  • Module 20: Malware Forensics

Lab Outline

  • Module 4, 5 & 6: Working with Captured Files
  • Module 7, 8, 9, 10, 11: Evidence Acquisition
  • Module 12, 13, 14: Wireless Traffic Evidence Acquisition
  • Module 15: IDS/IPS Forensics
  • Module 16 & 21: Network forensics and investigating logs
  • Module 17 & 18: SSL & Encryption
  • Module 20: Malware Forensics

Course Objectives

Participants will be able to apply forensically sound best-practice techniques against virtual infrastructure entities in the following use case scenarios:

  • Identifying direct evidence of a crime
  • Attributing evidence to specific suspects
  • Confirming (or negating) suspect alibis
  • Confirming (or negating) suspect statements
  • Determining (or negating) suspect intent
  • Identifying sources
  • Authenticating documents