GIAC - Firebrand's training for GIAC's Certified Intrusion Analyst | GCIA

Duration:

Only 4 Days

Method:

Classroom / Online / Hybrid

Next date:

10.2.2025 (Monday)

Overview

On this 4-day GIAC Intrusion Analyst Certification course, you'll develop the competence to configure and monitor detection systems as well as understand, interpret and analyse network traffic and log files.

This course is aimed at professionals responsible for network and host monitoring, traffic analysis and intrusion detection. Some of the skills you'll learn include:

Developing a deeper understanding of traffic analysis tools to detect and subsequently respond to intrusions
Understanding the importance behind the optimal placement of IDS sensors and how network forensics can help identify intrusions
Understanding the intricacies behind detecting intrusions and assisting analysts with the necessary resources

Our unique Lecture | Lab | Review technique will immerse you in course content. Combining both theoretical knowledge with hands-on experience means you'll learn faster and you'll develop the skills necessary to put your new found knowledge to practice as soon as you return to work.

On this course, you'll be prepared for the GIAC Certified Intrusion Analyst (GCIA) exam. This is covered by your Certification Guarantee.

This course is aimed at those responsible for networking and host monitoring, traffic analysis and intrusion detection.

This course provides knowledge equivalent to the SANS SEC503: Intrusion Detection In-Depth.

See prices now to find out how much you could save when you train at twice the speed.

See prices

Four reasons why you should sit your GCIA course with Firebrand Training

You'll be GCIA trained and certified faster. Learn more on this 4-day accelerated course. You'll get at least 12 hours a day of quality learning time in a distraction-free environment
Your GCIA course is all-inclusive. One simple price covers all course materials, exams, accommodation and meals – so you can focus on learning
Pass GCIA first time or train again for free. Your expert instructor will deliver our unique accelerated learning methods, allowing you to learn faster and be in the best possible position to pass first time. In the unlikely event that you don't, it's covered by your Certification Guarantee
Study GCIA with an award-winning training provider. We've won the Learning and Performance Institute's "Training Company of the Year" three times. Firebrand is your fastest way to learn, with 134561 students saving more than one million hours since 2001

Benefits

Please Note

Examination vouchers not included for GIAC, CREST and CISSP CBK Review
On site testing not included for GIAC, CREST or ITIL Managers and Revision Certification Courses

Seven reasons why you should sit your course with Firebrand Training

Two options of training. Choose between residential classroom-based, or online courses
You'll be certified fast. With us, you’ll be trained in record time
Our course is all-inclusive. A one-off fee covers all course materials, exams**, accommodation* and meals*. No hidden extras.
Pass the first time or train again for free. This is our guarantee. We’re confident you’ll pass your course the first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
You’ll learn more. A day with a traditional training provider generally runs from 9 am – 5 pm, with a nice long break for lunch. With Firebrand Training you’ll get at least 12 hours/day of quality learning time, with your instructor
You’ll learn faster. Chances are, you’ll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
You’ll be studying with the best. We’ve been named in the Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified over 135,000 professionals

* For residential training only. Doesn't apply for online courses
** Some exceptions apply. Please refer to the Exam Track or speak with our experts

Think you are ready for the course? Take a FREE practice test to assess your knowledge!

Free Practice Test

Curriculum

Advanced IDS Concepts

Demonstrate an understanding of IDS tuning methods and correlation issues (e.g., snort, bro)

Application Protocols

The candidate will demonstrate knowledge, skill, and ability relating to application layer protocol dissection and analysis including HTTP, SMTP, and various Microsoft protocols

Concepts of TCP/IP and the Link Layer

The candidate will understand the TCP/IP communications model and link layer operations

DNS

The candidate will demonstrate a thorough understanding of how DNS works for both legitimate and malicious purposes

Fragmentation

The candidate will demonstrate comprehension of how fragmentation works through theory and packet capture examples, as well as the concepts behind fragmentation-based attacks

IDS Fundamentals and Initial Deployment (e.g., snort, bro)

Understand architecture, benefits/weaknesses, and configuration options of common IDS systems. Demonstrate ability to configure and deploy IDS (e.g., snort, bro)

IDS Rules (e.g., snort, bro)

Create effective IDS (e.g., snort, bro) rules to detect varied types of malicious activity

IP Headers

The candidate will demonstrate the ability to dissect IP packet headers and analyse them for normal and anomalous values that may point to security issues

IPv6

The candidate will demonstrate knowledge, skill and ability relating to the analysis of IPv6 as well as issues involving IP6 over IPv4

Network Architecture and Event Correlation

The candidate will demonstrate competence with issues relating to IDS/IPS management, network architecture as it pertains to intrusion detection, and event correlation and management

Network Traffic Analysis and Forensics

The candidate will demonstrate the ability to analyse real traffic and associated artifacts: malicious, normal and application traffic; and demonstrate the ability to discern malicious traffic from false positives

Packet Engineering

The candidate will demonstrate knowledge, skill, and ability relating to packet engineering and manipulation including packet crafting, OS fingerprinting, and IDS Evasion/Insertion

Silk and Other Traffic Analysis Tools

The candidate will demonstrate the ability to use Silk and other tools to perform network traffic and flow analysis

TCP

The candidate will understand TCP communications as well as expected responses to given stimuli at this layer

Tcpdump Filters

The candidate will demonstrate the skill and ability to craft tcpdump filters that match on given criteria

UDP and ICMP

The candidate will demonstrated the ability to analyse both UDP and ICMP packets and recognise common issues

Wireshark Fundamentals

The candidate will demonstrate the knowledge, skills, and abilities associated with traffic analysis using wireshark from an intermediate to high degree of proficiency

Exam Track

This course will prepare you for the following exam. The exam fee is not included in the course price. If you wish to take the exam, we’ll provide instructions on how to register with GIAC.

GIAC Certified Intrusion Analyst (GCIA)

Additional Exam Details:

1 proctored exam
150 questions
Time limit of 4 hours
Minimum passing score of 67%
Certifications must be renewed every 4 years

What's Included

On this accelerated course, you'll get access to the following:

Firebrand official training materials

Your accelerated course includes:

Accommodation *
Meals, unlimited snacks, beverages, tea and coffee *
On-site exams **
Exam vouchers **
Practice tests **
Certification Guarantee ***
Courseware
Up-to 12 hours of instructor-led training each day
24-hour lab access
Digital courseware **

* For residential training only. Accommodation is included from the night before the course starts. This doesn't apply for online courses.
** Some exceptions apply. Please refer to the Exam Track or speak with our experts
*** Pass first time or train again free as many times as it takes, unlimited for 1 year. Just pay for accommodation, exams, and incidental costs.

Prerequisites

While there are no official prerequisites for this course, you should have a working knowledge of TCP/IP and hexadecimal. As well as this, you should have an understanding of Linux commands such as cd, sudo and pwd.

Unsure whether you meet the prerequisites? Don’t worry. Your training consultant will discuss your background with you to understand if this course is right for you.

Reviews

Here's the Firebrand Training review section. Since 2001 we've trained exactly 134561 students and asked them all to review our Accelerated Learning. Currently, 94.72% have said Firebrand exceeded their expectations.

Read reviews from recent accelerated courses below or visit Firebrand Stories for written and video interviews from our alumni.

"Good knowledge and experience on Cyber Security for ICS."
Anonymous (21.11.2016 (Monday) to 25.11.2016 (Friday))

"Firebrand provided a first class course and testing centre and makes getting the certification very simple. Having both training and exam in a single centre was very helpful."
Anonymous (21.11.2016 (Monday) to 25.11.2016 (Friday))

"Perfect!"
Anonymous (21.11.2016 (Monday) to 25.11.2016 (Friday))

"Great course with big knowledge in a team of different experiences."
Anonymous (21.11.2016 (Monday) to 25.11.2016 (Friday))

"Best way to fully focus for complex certifications while benefiting from the real-life experience of the instructor"
Anonymous. (4.9.2023 (Monday) to 8.9.2023 (Friday))

Course Dates

Start	Finish	Status	Location
26.8.2024 (Monday)	29.8.2024 (Thursday)	Finished - Leave feedback	-

10.2.2025 (Monday)	13.2.2025 (Thursday)	Limited availability	Nationwide
24.3.2025 (Monday)	27.3.2025 (Thursday)	Open	Nationwide
5.5.2025 (Monday)	8.5.2025 (Thursday)	Open	Nationwide
16.6.2025 (Monday)	19.6.2025 (Thursday)	Open	Nationwide