This 5-day Certified Network Forensics Examiner Training (CNFE) advanced course was originally designed for a select U.S. Government Agency. The CNFE certification program will prepare students to exercise truly advanced networking forensics techniques through the use of proprietary labs in our exclusive cyber range.
ACCREDITATIONS & ACKNOWLEDGEMENTS
- ACCREDITED by the NSA CNSS 4011-4016
- MAPPED to NIST / Homeland Security NICCS’s Cyber Security Workforce Framework
- APPROVED on the FBI Cyber Security Certification Requirement list (Tier 1-3)
The Certified Network Forensics Examiner Training (CNFE) Workshop/certification has been validated by the NSA for CNSSI-4012, National Information Assurance Training Standard for Senior System Managers, and NSTISSI – 4011, National Training Standard for Information Systems Security (INFOSEC).
YOU SHOULD ATTEND THIS CERTIFIED NETWORK FORENSICS EXAMINER (CNFE) COURSE IF YOU ARE:
- Cyber Security team members who need to respond to intrusions, ‘hacks’, and incidents in their network.
- Cyber Security team members are required to know how to examine, probe, trace, frisk, and interrogate their network(s) to find out how they were compromised.
- Those IT pros that want to advance their network investigative and incident response handling policies, procedures, and techniques.
- The Certified Network Forensics Examiner (CNFE) exam is taken online through our Assessment and Certification System (“MACS”), which is accessible on your ENO Institute account. The exam will take 2 hours and consist of 100 multiple-choice questions. The cost is $500 USD and must be purchased from us
- 5 Days of Certified Network Forensics Examiner (CNFE) Training from an Authorized Instructor
- Official Student Courseware (Electronic Version)
- Student Lab guide
- Exam Prep Guide
- Certificate of Completion
- CPEs: 40 Hours
- Certified Network Forensics Examiner Training (CNFE) – https://www.wiley.com/
- Certified Network Forensics Examiner (CNFE) – https://www.packtpub.com/
- Certified Network Forensics Examiner (CNFE) – https://store.logicaloperations.com/
- Certified Network Forensics Examiner (CNFE) – https://us.artechhouse.com/
- Certified Network Forensics Examiner Training (CNFE) – https://www.amazon.com/
- Certified Disaster Recovery Engineer Training (CDRE)
- Certified Incident Handling Engineer Training (CIHE)
- Certified Cloud Security Officer Training (CCSO)
- Certified Powershell Hacker (CPSH) Training
- Certified Penetration Testing Engineer Training (CPTE)
- Certified Digital Forensics Examiner Training (CDFE)
- Certified Information Systems Security Officer Training (CISSO)
- Certified Secure Web Application Engineer Training (CSWAE)
- Certified Professional Ethical Hacker Training (CPEH)
After completing this Certified Network Forensics Examiner Training (CNFE) course, students will be able to:
- The CNFE certification program will prepare students to exercise truly advanced networking forensics techniques through the use of proprietary labs in our exclusive cyber range, students will have the knowledge to perform network forensic examinations and be able to accurately report on their findings and also be ready to sit for the CNFE exam.
- We can adapt this Certified Network Forensics Examiner Training (CNFE) course to your group’s background and work requirements at little to no added cost.
- If you are familiar with some aspects of this CNFE Certification Training course, we can omit or shorten their discussion.
- We can adjust the emphasis placed on the various topics or build the CNFE Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
- If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the CNFE Certification Training course in a manner understandable to lay audiences.
The target audience for this Certified Network Forensics Examiner Training (CNFE) course:
- Digital and Network Forensics Examiners
- IS Managers
- Network Auditors
- IT Managers
The knowledge and skills that a learner must have before attending this Certified Network Forensics Examiner Training (CNFE) course are:
- 2 Years of Networking Experience
- 2 years in IT Security
- Working Knowledge of TCP/IP
- Module 1 – Digital Evidence Concepts
- Module 2 – Network Evidence Challenges
- Module 3 – Network Forensics Investigative Methodology
- Module 4 – Network-Based Evidence
- Module 5 – Network Principles
- Module 6 – Internet Protocol Suite
- Module 7 – Physical Interception
- Module 8 – Traffic Acquisition Software
- Module 9 – Live Acquisition
- Module 10 – Analysis
- Module 11 – Layer 2 Protocol
- Module 12 – Wireless Access Points
- Module 13 – Wireless Capture Traffic and Analysis
- Module 14 – Wireless Attacks
- Module 15 – NIDS_Snort
- Module 16 – Centralized Logging and Syslog
- Module 17 – Investigating Network Devices
- Module 18 – Web Proxies and Encryption
- Module 19 – Network Tunneling
- Module 20 – Malware Forensics
HANDS-ON LABORATORY EXERCISES
Lab 1 – Working with captured files
- Exercise 1 – HTTP.pcap
- Exercise 2 – SMB.pcap
- Exercise 3 – SIP_RTP.pcap
Lab 2 – Layer 2 Attacks
- Exercise 1 – Analyze the capture of macof.
- Exercise 2 – Manipulating the STP root bridge election process
Lab 2 – Active Evidence Acquisition
Lab 3 – Preparing for Packet Inspection
Lab 4 – Analyzing Packet Captures
- Exercise 2: Analyze TKIP and CCMP Frames starting from the 4-Way Handshake process.
Lab 5 – Case Study: ABC Real Estate
Lab 6 – NIDS/NIPS
- Exercise 1 – Use Snort as Packet Sniffer
- Exercise 2 – Use Snort as a packet logger
- Exercise 3 – Check Snort’s IDS abilities with pre-captured attack pattern files
Lab 7 – Syslog Exercise
Lab 8 – Network Device Log
LAB 9 – SSL
- Exercise 1 – Decrypting SSL Traffic by using a given Certificate Private Key
- Exercise 2 – SSL and Friendly Man-in-the-middle