GIAC Certified Intrusion Analyst (GCIA) Training
Commitment | 5 Days, 7-8 hours a day. |
Language | English |
User Ratings | Average User Rating 4.8 |
Price | REQUEST |
Delivery Options | Instructor-Led Onsite, Online, and Classroom Live |
COURSE OVERVIEW
The GIAC Certified Intrusion Analyst (GCIA) is an intermediate skill level certification that was created to provide assurance that a certified individual has the knowledge, skills, and abilities to configure and monitor intrusion detection systems, and to read, interpret, and analyze network traffic and related log files. GCIAs are individuals who are responsible for network and host monitoring, traffic analysis, and intrusion detection.
EXAM INFORMATION
- 1 proctored exam
- 106 questions
- 4 hours
- A minimum passing score of 67%
Note: GIAC reserves the right to change the specifications for each certification without notice. Based on a scientific passing point study, the passing point for the GCIA exam has been determined to be 67% for all candidates receiving access to their certification attempts on or after January 21, 2023. To verify the format and passing point of your specific certification attempt, read the Certification Information found in your account at https://exams.giac.org/pages/attempts.
WHAT'S INCLUDED?
- Five days of the best hands-on GIAC Certified Intrusion Analyst (GCIA) Training in the industry
- GCIA Courseware and Study Guide
- GCIA Sample Exam Questions
- Certificate of Completion
- 100% Satisfaction Guarantee
RESOURCES
- GIAC Certified Intrusion Analyst (GCIA) – https://www.wiley.com/
- GIAC Certified Intrusion Analyst (GCIA) Training – https://www.packtpub.com/
- GIAC Certified Intrusion Analyst (GCIA) – https://store.logicaloperations.com/
- GIAC Certified Intrusion Analyst (GCIA) – https://us.artechhouse.com/
- GIAC Certified Intrusion Analyst (GCIA) Training – https://www.amazon.com/
RELATED COURSES
- GIAC Certified Incident Handler (GCIH) Training
- GIAC Security Essentials Certification (GSEC) Training
- GIAC Security Leadership Certificate (GSLC) Training
- Computer Forensics Training
- Certified Powershell Hacker (CPSH) Training
- Cybersecurity Foundations Training
- Cyber Threats Detection and Mitigation Training
- Cyber Threats Hunting (CCTHP) Training
- Cyber Threat Intelligence Analysis Training
- Cybersecurity Investigations and Network Forensics Analysis
ADDITIONAL INFORMATION
COURSE OBJECTIVES
After attending our GIAC Certified Intrusion Analyst (GCIA) Training Workshop, you will have knowledge and skills in the following areas:
- Advanced Analysis and Network Forensics
- Advanced IDS Concepts
- Application Protocols
- TCP/IP Concepts
- DNS
- IDS Fundamentals and Network Architecture
- IDS Rules
- IP headers
- Network Traffic Analysis
- Traffic Analysis Tools Such as SiLK
- UDP and ICMP
- Fundamentals of Wireshark
- Packet Engineering
CUSTOMIZE IT
- We can adapt this GIAC Certified Intrusion Analyst (GCIA) Training course to your group’s background and work requirements at little to no added cost.
- If you are familiar with some aspects of this GIAC Certified Intrusion Analyst (GCIA) course, we can omit or shorten their discussion.
- We can adjust the emphasis placed on the various topics or build the GIAC Certified Intrusion Analyst (GCIA) course around the mix of technologies of interest to you (including technologies other than those included in this outline).
- If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the GIAC Certified Intrusion Analyst (GCIA) course in a manner understandable to lay audiences.
AUDIENCE/TARGET GROUP
The target audience for this GIAC Certified Intrusion Analyst (GCIA) Training Workshop course:
- Intrusion Detection Analysts
- Incident Handlers
- Digital Forensic Engineers
- Security Professionals and Managers
CLASS PREREQUISITES
The knowledge and skills that a learner must have before attending this GIAC Certified Intrusion Analyst (GCIA) Training are:
- While there are no official prerequisites for this GIAC Certified Intrusion Analyst (GCIA) course, you should have a working knowledge of TCP/IP and hexadecimal. You should also have an understanding of Linux commands such as cd, sudo, and pwd.
COURSE SYLLABUS
Advanced IDS Concepts
- Demonstrate an understanding of IDS tuning methods and correlation issues (e.g., Snort, Bro)
Application Protocols
- The candidate will demonstrate knowledge, skill, and ability relating to application layer protocol dissection and analysis including HTTP, SMTP, and various Microsoft protocols
Concepts of TCP/IP and the Link Layer
- The candidate will understand the TCP/IP communications model and link layer operations
DNS
- The candidate will demonstrate a thorough understanding of how DNS works for both legitimate and malicious purposes
Fragmentation
- The candidate will demonstrate comprehension of how fragmentation works through theory and packet capture examples, as well as the concepts behind fragmentation-based attacks
IDS Fundamentals and Initial Deployment (e.g., Snort, Bro)
- Understand the architecture, benefits/weaknesses, and configuration options of common IDS systems. Demonstrate the ability to configure and deploy an IDS (e.g., Snort, Bro)
IDS Rules (e.g., Snort, Bro)
- Create effective IDS (e.g., Snort, Bro) rules to detect varied types of malicious activity
IP Headers
- The candidate will demonstrate the ability to dissect IP packet headers and analyze them for normal and anomalous values that may point to security issues
IPv6
- The candidate will demonstrate knowledge, skill, and ability relating to the analysis of IPv6 as well as issues involving IPv6 over IPv4
Network Architecture and Event Correlation
- The candidate will demonstrate competence with issues relating to IDS/IPS management, network architecture as it pertains to intrusion detection, and event correlation and management.
Network Traffic Analysis and Forensics
- The candidate will demonstrate the ability to analyze real traffic and associated artifacts: malicious, normal, and application traffic; and demonstrate the ability to discern malicious traffic from false positives
Packet Engineering
- The candidate will demonstrate knowledge, skill, and ability relating to packet engineering and manipulation including packet crafting, OS fingerprinting, and IDS Evasion/Insertion
SiLK and Other Traffic Analysis Tools
- The candidate will demonstrate the ability to use SiLK and other tools to perform network traffic and flow analysis
TCP
- The candidate will understand TCP communications as well as expected responses to given stimuli at this layer
Tcpdump Filters
- The candidate will demonstrate the skill and ability to craft tcpdump filters that match on given criteria
UDP and ICMP
- The candidate will demonstrate the ability to analyze both UDP and ICMP packets and recognize common issues
Wireshark Fundamentals
- The candidate will demonstrate the knowledge, skills, and abilities associated with traffic analysis using Wireshark from an intermediate to a high degree of proficiency