GIAC - Firebrand's training for GIAC's Certified Intrusion Analyst | GCIA

Varaktighet:

Bara 4 dagar

Metod:

Klassrum / Uppkopplad / Hybrid

Nästa datum:

24/6/2024 (Måndag)

Overview

On this 4-day GIAC Intrusion Analyst Certification course, you'll develop the competence to configure and monitor detection systems as well as understand, interpret and analyse network traffic and log files.

This course is aimed at professionals responsible for network and host monitoring, traffic analysis and intrusion detection. Some of the skills you'll learn include:

Developing a deeper understanding of traffic analysis tools to detect and subsequently respond to intrusions
Understanding the importance behind the optimal placement of IDS sensors and how network forensics can help identify intrusions
Understanding the intricacies behind detecting intrusions and assisting analysts with the necessary resources

Our unique Lecture | Lab | Review technique will immerse you in course content. Combining both theoretical knowledge with hands-on experience means you'll learn faster and you'll develop the skills necessary to put your new found knowledge to practice as soon as you return to work.

On this course, you'll be prepared for the GIAC Certified Intrusion Analyst (GCIA) exam. This is covered by your Certification Guarantee.

This course is aimed at those responsible for networking and host monitoring, traffic analysis and intrusion detection.

This course provides knowledge equivalent to the SANS SEC503: Intrusion Detection In-Depth.

Det tar bara ett ögonblick att se hur billig din kurs är...

Se priser

Sju anledningar till varför du bör välja din kurs med Firebrand Training

Två utbildningsalternativ. Välj mellan boende på plats med klassrumsundervisning eller onlinekurser
Du blir certifierad snabbt. Hos oss blir du utbildad rekordsnabbt
Vår kurs är heltäckande. En engångsavgift täcker alla kursmaterial, examina**, boende* och måltider*. Inga dolda extra kostnader.
Godkänn första gången eller träna om gratis. Detta är vår garanti. Vi är övertygade om att du kommer klara kursen på första försöket. Men om inte, kom tillbaka inom ett år och betala endast för boende, examina och tillkommande kostnader
Du kommer lära dig mer. En dag med en traditionell utbildningsleverantör brukar generellt pågå från kl. 9 till 17, med en lång paus för lunch. Med Firebrand Training får du minst 12 timmar/dag av kvalitativ inlärningstid med din instruktör
Du kommer lära dig snabbare. Sannolikheten är att du har en annan inlärningsstil än de omkring dig. Vi kombinerar visuella, auditiva och taktila stilar för att leverera materialet på ett sätt som säkerställer att du lär dig snabbare och enklare
Du kommer studera med de bästa. Vi har varit med på Training Industrys lista "Top 20 IT Training Companies of the Year" varje år sedan 2010. Förutom många fler utmärkelser har vi utbildat och certifierat över 100 000 yrkesverksamma

* Endast för boende på plats. Gäller inte för onlinekurser
** Vissa undantag gäller. Vänligen se Exam Track eller prata med våra experter

Benefits

Please Note

Examination vouchers not included for GIAC, CREST and CISSP CBK Review
On site testing not included for GIAC, CREST or ITIL Managers and Revision Certification Courses

Är du redo för kursen? Ta ett KOSTNADSFRITT test för att mäta och utvärdera din kunskap.

Kostnadsfritt Test

Curriculum

Advanced IDS Concepts

Demonstrate an understanding of IDS tuning methods and correlation issues (e.g., snort, bro)

Application Protocols

The candidate will demonstrate knowledge, skill, and ability relating to application layer protocol dissection and analysis including HTTP, SMTP, and various Microsoft protocols

Concepts of TCP/IP and the Link Layer

The candidate will understand the TCP/IP communications model and link layer operations

DNS

The candidate will demonstrate a thorough understanding of how DNS works for both legitimate and malicious purposes

Fragmentation

The candidate will demonstrate comprehension of how fragmentation works through theory and packet capture examples, as well as the concepts behind fragmentation-based attacks

IDS Fundamentals and Initial Deployment (e.g., snort, bro)

Understand architecture, benefits/weaknesses, and configuration options of common IDS systems. Demonstrate ability to configure and deploy IDS (e.g., snort, bro)

IDS Rules (e.g., snort, bro)

Create effective IDS (e.g., snort, bro) rules to detect varied types of malicious activity

IP Headers

The candidate will demonstrate the ability to dissect IP packet headers and analyse them for normal and anomalous values that may point to security issues

IPv6

The candidate will demonstrate knowledge, skill and ability relating to the analysis of IPv6 as well as issues involving IP6 over IPv4

Network Architecture and Event Correlation

The candidate will demonstrate competence with issues relating to IDS/IPS management, network architecture as it pertains to intrusion detection, and event correlation and management

Network Traffic Analysis and Forensics

The candidate will demonstrate the ability to analyse real traffic and associated artifacts: malicious, normal and application traffic; and demonstrate the ability to discern malicious traffic from false positives

Packet Engineering

The candidate will demonstrate knowledge, skill, and ability relating to packet engineering and manipulation including packet crafting, OS fingerprinting, and IDS Evasion/Insertion

Silk and Other Traffic Analysis Tools

The candidate will demonstrate the ability to use Silk and other tools to perform network traffic and flow analysis

TCP

The candidate will understand TCP communications as well as expected responses to given stimuli at this layer

Tcpdump Filters

The candidate will demonstrate the skill and ability to craft tcpdump filters that match on given criteria

UDP and ICMP

The candidate will demonstrated the ability to analyse both UDP and ICMP packets and recognise common issues

Wireshark Fundamentals

The candidate will demonstrate the knowledge, skills, and abilities associated with traffic analysis using wireshark from an intermediate to high degree of proficiency

Exam Track

This course will prepare you for the following exam. The exam fee is not included in the course price. If you wish to take the exam, we’ll provide instructions on how to register with GIAC.

GIAC Certified Intrusion Analyst (GCIA)

Additional Exam Details:

1 proctored exam
150 questions
Time limit of 4 hours
Minimum passing score of 67%
Certifications must be renewed every 4 years

What's Included

On this accelerated course, you'll get access to the following:

Firebrand official training materials

Prerequisites

While there are no official prerequisites for this course, you should have a working knowledge of TCP/IP and hexadecimal. As well as this, you should have an understanding of Linux commands such as cd, sudo and pwd.

Är du redo för din Firebrand kurs?

Vi intervjuar alla potentiella deltagare om deras bakgrund, utbildning, certifiering och personliga inställning. Om du kommer igenom denna process så har du riktigt goda möjligheter att klara din certifiering.

Firebrand Training erbjuder en ambitiös utbildningsmiljö som förutsätter att du verkligen dedikerar dig till kursen. Ovanstående förkunskaper är endast vägledande, många deltagare med mindre erfarenhet men med en annan bakgrund eller kunskap har framgångsrikt genomfört sin utbildning hos Firebrand Training.

Om du funderar på huruvida du uppfyller rekommenderade förkunskaper vänligen ring oss på (0)8 44 68 27 85 och prata med en av våra utbildningsrådgivare som kan hjälpa dig.

Kundreferenser

Här är Firebrand Training recension avsnittet. Sedan 2001 har vi utbildat exakt 134.561 studenter och proffs och bett dem alla att recensera vår Accelerated Learning. För närvarande har, 96,41% sagt att Firebrand överträffade deras förväntningar.

Läs recensioner från avslutade accelereradekurser nedan eller besök Firebrand Stories för skriftliga och videointervjuer med våra tidigare alumni.

"Best way to fully focus for complex certifications while benefiting from the real-life experience of the instructor"
Anonymous. (4/9/2023 (Måndag) till 8/9/2023 (Fredag))

"The instructor has a wealth of knowledge in OT, controls and automation. This especially true within the Oil and Gas industry. The training was significantly enhanced through this real-world experience and his ability interact with the class to cover off syllabus topics."
Anonymous. (28/11/2022 (Måndag) till 2/12/2022 (Fredag))

"Ive used Firebrand several times now over multiple job roles. I found this course GICSP was the most interesting course so far. This was hugely down to the instructor's interaction with the team and his shared real life scenarios. He is very knowledgeable indeed and presents the course in such a manner he made the subject feel much easier than it was. Its obvious that he is both passionate and dedicated in what he does. I look forward to attending onsite next year with him as the tutor"
Dave white, Essar Oil. (28/11/2022 (Måndag) till 2/12/2022 (Fredag))

"The GICSP training was excellent!"
AS. (28/11/2022 (Måndag) till 2/12/2022 (Fredag))

"Firebrand are well organised and their facilities, accommodation and training rooms are more than fit for purpose. The all-inclusive course represents good value and I would not hesitate to recommend to a friend or colleague, and have already done so!"
P.J., EDF Energy. (26/4/2021 (Måndag) till 30/4/2021 (Fredag))

Kursdatum

Startar	Slutar	Tillgänglighet	Plats
19/2/2024 (Måndag)	22/2/2024 (Torsdag)	Avslutad - Lämna feedback	-
24/6/2024 (Måndag)	27/6/2024 (Torsdag)	Väntelista	Rikstäckande
5/8/2024 (Måndag)	8/8/2024 (Torsdag)	Begränsat antal platser	Rikstäckande
16/9/2024 (Måndag)	19/9/2024 (Torsdag)	Platser tillgängliga	Rikstäckande
28/10/2024 (Måndag)	31/10/2024 (Torsdag)	Platser tillgängliga	Rikstäckande
9/12/2024 (Måndag)	12/12/2024 (Torsdag)	Platser tillgängliga	Rikstäckande