Looking for Global training? Go to https://firebrand.training/en or stay on the current site (Danmark)
Part of the BPP Education Group
89 88 66 05
GIAC - iOS and macOS Examiner (GIME)
Overview
This accelerated GIAC iOS and macOS Examiner (GIME) certification validates a practitioner's knowledge of Mac and iOS computer forensic analysis and incident response skills. GIME-certified professionals are well-versed in traditional investigations as well as intrusion analysis scenarios for compromised Apple devices.
Forensic professionals need tool independent training and certification to show they can tackle any Mac or iOS investigation whether it is traditional forensics or incident response. The GIME certification provides students the confidence they need to analyse data from any Apple device.
In just 2 days, you’ll also learn:
- Mac and iOS File Systems, System Triage, User and Application Data Analysis
- Mac and iOS Incident Response, Malware, and Intrusion Analysis
- Mac and iOS Memory Forensics and Timeline Analysis
At the end of this course, you’ll sit the GIAC exam, and achieve your GIAC iOS and macOS Examiner (GIME) certification. Through Firebrand’s Lecture | Lab | Review methodology, you’ll get certified at twice the speed of the traditional training and get access to courseware, learn from certified instructors, and train in a distraction-free environment.
Audience
This course is ideal for:
- Experienced Digital Forensic Analysts
- Law Enforcement Officers, Federal Agents, and Detectives
- Media Exploitation Analysts
- Incident Response Team Members
- Information Security Professionals who want to become knowledgeable about macOS and iOS system internals.
- SANS DFIR Alumni looking to round out their forensic skills.
Curriculum
- Module 1: Apple Application Analysis
- The candidate will analyze configurations and data for contacts, notes, wallet, photos, maps, screen time and apple watch applications.
- Module 2: Apple File System Artifacts
- The candidate will examine event artifacts created by file system operations, operating system use, Spotlight, and removable media devices.
- Module 3: Apple Systems Triage
- The candidate will prepare system triage with fundamental system artifacts. Triage information includes system identifiers, OS installation and backup dates, management profiles, network information, and user accounts.
- Module 4: Application Fundamentals
- The candidate will identify basic application data structures and construct SQL queries to examine the data. Document and iCloud analysis
- The candidate will distinguish changes across document versions and iCloud data.
- Module 5: Incident Response
- The candidate will examine artifacts created by malicious code and analyse volatile system artifacts. Introduction to Apple Operating Systems
- The candidate will differentiate between system acquisition and data types available for analysis.
- Module 6: Introduction to Disk and File Systems
- The candidate will identify key data types associated with Apple systems and mount system images for analysis.
- Module 7: Log Analysis and Timeline Creation
- The candidate will correlate key log types and create an event timeline.
- Module 8: Memory and Encrypted Container Analysis
- The candidate will analyse memory captures and use brute force techniques to access encrypted data for analysis.
- Module 9: Pattern of Life
- The candidate will organize system based artifacts to track user behaviour and habits.
- Module 10: Productivity Application Analysis
- The candidate will analyse configurations and data for mail, safari, communication, calendar and reminder applications.
- Module 11: User Data and System Configuration
- The candidate will identify artifacts created from system configuration and user data.
Exam Track
-
At the end of this accelerated course, you’ll sit the following exam at the Firebrand Training centre, covered Certification Guarantee:
GIAC iOS and macOS Examiner (GIME) exam
- Duration: 2 hours
- Format: 1 proctored exam
- Number of questions: 75 questions
- Passing score: Minimum passing score of 67%
What's Included
Det hele er inkluderet! Du får en alt-inklusiv kursuspakke, som er målrettet til dine behov. Vi tager os af enhver detalje, så det eneste du skal fokusere på er dine lærings- og certificeringsmål.
- Transport til/fra specifikke afhentningssteder
- Overnatninger, samtlige måltider samt adgang til forfriskninger, snacks, kaffe og the.
- Intensiv Hands-on uddannelse med vores unikke (Lecture | Lab | Review)TM metode
- Omfattende kursusmaterialer og labmanualer
- Et helt igennem instruktørstyret program
- 24 timers adgang til både undervisningslokale og instruktøren
- Samtlige måltider samt adgang til forfriskninger, snacks, kaffe og the.
- Certificeringsgaranti
Prerequisites
There are no prerequisites for this accelerated course.
Er du klar til dit Firebrand Kursus?
Vi interviewer alle potentielle deltagere angående deres baggrund, uddannelser, certificeringer og personlig indstilling. Hvis du kommer igennem denne screeningsprocedure, betyder det, at du har rigtig gode chancer for at bestå.
Firebrand Training tilbyder et ambitiøst uddannelsesmiljø, som forudsætter at du dedikerer dig til kurset. Ovenstående forkundskaber er vejledende; mange deltagere med mindre erfaring, men med en anden baggrund eller færdigheder, har haft succes med accelereret uddannelse hos Firebrand Training.
Hvis du funderer på hvorvidt du opfylder de anbefalede forkundskaber, er du meget velkommen til at ringe til os på 89 88 66 05 og tale med en af vores uddannelsesrådgivere, som kan hjælpe dig.
Kundereferencer
Her er Firebrand Training review afsnit. Siden 2001 har vi trænet præcist 134.561 studerende og professionelle og bedt dem alle om at gennemgå vores Accelerated Learning. Lige nu har 95,63% sagt, at Firebrand har overgået deres forventninger.
Læs anmeldelser fra de seneste accelererede kurser nedenfor, eller besøg Firebrand Stories for skriftlige og videointerviews med vores alumner.
"Best way to fully focus for complex certifications while benefiting from the real-life experience of the instructor"
Anonymous. (4/9/2023 (Mandag) til 8/9/2023 (Fredag))
"The instructor has a wealth of knowledge in OT, controls and automation. This especially true within the Oil and Gas industry. The training was significantly enhanced through this real-world experience and his ability interact with the class to cover off syllabus topics."
Anonymous. (28/11/2022 (Mandag) til 2/12/2022 (Fredag))
"Ive used Firebrand several times now over multiple job roles. I found this course GICSP was the most interesting course so far. This was hugely down to the instructor's interaction with the team and his shared real life scenarios. He is very knowledgeable indeed and presents the course in such a manner he made the subject feel much easier than it was. Its obvious that he is both passionate and dedicated in what he does. I look forward to attending onsite next year with him as the tutor"
Dave white, Essar Oil. (28/11/2022 (Mandag) til 2/12/2022 (Fredag))
"The GICSP training was excellent!"
AS. (28/11/2022 (Mandag) til 2/12/2022 (Fredag))
"Firebrand are well organised and their facilities, accommodation and training rooms are more than fit for purpose. The all-inclusive course represents good value and I would not hesitate to recommend to a friend or colleague, and have already done so!"
P.J., EDF Energy. (26/4/2021 (Mandag) til 30/4/2021 (Fredag))
Kursusdatoer
|
Starter |
Slutter |
Tilgængelighed |
Sted |
Tilmelding |
|---|---|---|---|---|
|
27/5/2024 (Mandag) |
28/5/2024 (Tirsdag) |
Afsluttet - Giv feedback |
- |
|
|
30/9/2024 (Mandag) |
1/10/2024 (Tirsdag) |
Venteliste |
Landsdækkende |
|
|
11/11/2024 (Mandag) |
12/11/2024 (Tirsdag) |
Begrænsede pladser |
Landsdækkende |
|
|
|
|
|
|
|
|
3/2/2025 (Mandag) |
4/2/2025 (Tirsdag) |
Tilgængelige pladser |
Landsdækkende |
|
|
17/3/2025 (Mandag) |
18/3/2025 (Tirsdag) |
Tilgængelige pladser |
Landsdækkende |
|