GIAC Certified Intrusion Analyst (GCIA) Training

Commitment 5 Days, 7-8 hours a day.
Language English
User Ratings Average User Rating 4.8
Price REQUEST
Delivery Options Instructor-Led Onsite, Online, and Classroom Live

COURSE OVERVIEW

The GIAC Certified Intrusion Analyst (GCIA) is an intermediate skill level certification that was created to provide assurance that a certified individual has the knowledge, skills, and abilities to configure and monitor intrusion detection systems, and to read, interpret, and analyze network traffic and related log files. GCIAs are individuals who are responsible for network and host monitoring, traffic analysis, and intrusion detection.

EXAM INFORMATION
  • 1 proctored exam
  • 106 questions
  • 4 hours
  • A minimum passing score of 67%

Note: GIAC reserves the right to change the specifications for each certification without notice. Based on a scientific passing point study, the passing point for the GCIA exam has been determined to be 67% for all candidates receiving access to their certification attempts on or after January 21, 2023. To verify the format and passing point of your specific certification attempt, read the Certification Information found in your account at https://exams.giac.org/pages/attempts.

WHAT'S INCLUDED?
  • Five days of the best hands-on GIAC Certified Intrusion Analyst (GCIA) Training in the industry
  • GCIA Courseware and Study Guide
  • GCIA Sample Exam Questions
  • Certificate of Completion
  • 100% Satisfaction Guarantee

ADDITIONAL INFORMATION

COURSE OBJECTIVES

After attending our GIAC Certified Intrusion Analyst (GCIA) Training Workshop, you will have knowledge and skills in the following areas:

  • Advanced Analysis and Network Forensics
  • Advanced IDS Concepts
  • Application Protocols
  • TCP/IP Concepts
  • DNS
  • IDS Fundamentals and Network Architecture
  • IDS Rules
  • IP headers
  • Network Traffic Analysis
  • Traffic Analysis Tools Such as SiLK
  • UDP and ICMP
  • Fundamentals of Wireshark
  • Packet Engineering
CUSTOMIZE IT
  • We can adapt this GIAC Certified Intrusion Analyst (GCIA) Training course to your group’s background and work requirements at little to no added cost.
  • If you are familiar with some aspects of this GIAC Certified Intrusion Analyst (GCIA) course, we can omit or shorten their discussion.
  • We can adjust the emphasis placed on the various topics or build the GIAC Certified Intrusion Analyst (GCIA) course around the mix of technologies of interest to you (including technologies other than those included in this outline).
  • If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the GIAC Certified Intrusion Analyst (GCIA) course in a manner understandable to lay audiences.
AUDIENCE/TARGET GROUP

The target audience for this GIAC Certified Intrusion Analyst (GCIA) Training Workshop course:

  • Intrusion Detection Analysts
  • Incident Handlers
  • Digital Forensic Engineers
  • Security Professionals and Managers
CLASS PREREQUISITES

The knowledge and skills that a learner must have before attending this GIAC Certified Intrusion Analyst (GCIA) Training are:

  • While there are no official prerequisites for this GIAC Certified Intrusion Analyst (GCIA) course, you should have a working knowledge of TCP/IP and hexadecimal. You should also have an understanding of Linux commands such as cd, sudo, and pwd.

COURSE SYLLABUS

Advanced IDS Concepts

  • Demonstrate an understanding of IDS tuning methods and correlation issues (e.g., Snort, Bro)

Application Protocols

  • The candidate will demonstrate knowledge, skill, and ability relating to application layer protocol dissection and analysis including HTTP, SMTP, and various Microsoft protocols

Concepts of TCP/IP and the Link Layer

  • The candidate will understand the TCP/IP communications model and link layer operations

DNS

  • The candidate will demonstrate a thorough understanding of how DNS works for both legitimate and malicious purposes

Fragmentation

  • The candidate will demonstrate comprehension of how fragmentation works through theory and packet capture examples, as well as the concepts behind fragmentation-based attacks

IDS Fundamentals and Initial Deployment (e.g., Snort, Bro)

  • Understand the architecture, benefits/weaknesses, and configuration options of common IDS systems. Demonstrate ability to configure and deploy IDS (e.g., Snort, Bro)

IDS Rules (e.g., Snort, Bro)

  • Create effective IDS (e.g., Snort, Bro) rules to detect varied types of malicious activity

IP Headers

  • The candidate will demonstrate the ability to dissect IP packet headers and analyze them for normal and anomalous values that may point to security issues

IPv6

  • The candidate will demonstrate knowledge, skill, and ability relating to the analysis of IPv6 as well as issues involving IPv6 over IPv4

Network Architecture and Event Correlation

  • The candidate will demonstrate competence with issues relating to IDS/IPS management, network architecture as it pertains to intrusion detection, and event correlation and management.

Network Traffic Analysis and Forensics 

  • The candidate will demonstrate the ability to analyze real traffic and associated artifacts: malicious, normal, and application traffic; and demonstrate the ability to discern malicious traffic from false positives

Packet Engineering

  • The candidate will demonstrate knowledge, skill, and ability relating to packet engineering and manipulation including packet crafting, OS fingerprinting, and IDS Evasion/Insertion

SiLK and Other Traffic Analysis Tools

  • The candidate will demonstrate the ability to use SiLK and other tools to perform network traffic and flow analysis

TCP

  • The candidate will understand TCP communications as well as expected responses to given stimuli at this layer

Tcpdump Filters

  • The candidate will demonstrate the skill and ability to craft tcpdump filters that match on given criteria

UDP and ICMP

  • The candidate will demonstrate the ability to analyze both UDP and ICMP packets and recognize common issues

Wireshark Fundamentals

  • The candidate will demonstrate the knowledge, skills, and abilities associated with traffic analysis using Wireshark from an intermediate to a high degree of proficiency

GIAC Certified Intrusion Analyst (GCIA) Training Course Recap, Q/A, and Evaluations
