CREST Certified Network Intrusion Analyst (CCNIA)

This accelerated Certified Network Intrusion Analyst (CCNIA) course, tests candidates’ knowledge of analysing network traffic and log files for evidence of potential compromise and analysing the potential underlying causes and infection vectors.

The examination is a rigorous assessment of the candidate’s ability to assess a given network for indications of malicious activity including remote control and data ex-filtration.

On this course you will also learn to:

• Critically evaluate processes for reporting cyber security incidents.
• Analyse different types of network communication.
• Understand threat intelligence sources, capabilities, and limitations.
• Identify, capture, contain and report malware.
• Develop and deploy signatures.
• Competently use intrusion detection technologies to detect host and network-based intrusions.
• Appropriately tune sensors.
• Effectively use protocol analysers.
• Configure and implement network analysis tools to identify vulnerabilities.
• Perform packet-level analysis.
• Recognise and interpret malicious network activity in traffic.
• Effectively and efficiently interpret metadata.

At the end of this course, you’ll achieve your Certified Network Intrusion Analyst (CCNIA) certification. Through Firebrand’s Lecture | Lab | Review methodology, you’ll get certified at twice the speed of the traditional training and get access to courseware, learn from certified instructors, and train in a distraction-free environment.

Audience

This course is ideal for:

• Aspiring information security personnel who wish to be part of an incident response team
• Existing practitioners wishing to become CREST Registered
• System administrators who are responding to attacks, Incident handlers who wish to expand their knowledge into Digital Forensics
• Government departments who wish to raise and baseline skills across all security teams
• Law enforcement officers or detectives who want to expand their investigative skills
• Information security managers who would like to brush up on the latest techniques and processes in order to understand information security implications
• Senior practitioner-level cyber security professionals who wish to understand how to conduct in-depth network intrusion analysis. Roles include:
  • Incident Response practitioners
  • Digital Forensics practitioners
  • SOC Analysts
  • Cyber Crime Investigators
  • Security Analysts
  • Malware Reverse Engineers

• Module 1: Data Sources
• Module 2: Statistical Analysis
• Module 3: Beaconing Systems
• Module 4: Encrypted Communications
• Module 5: Network Traffic Analysis
• Module 6: Networking Protocols
• Module 7: Covert Channel Identification
• Module 8: Log Analysis

There are no prerequisites for this accelerated course but before attending this accelerated course, you should have:

• A good appreciation of the technical aspects of ICT and one year’s experience in network / server technical administration / operations.

At the end of this accelerated course, you’ll sit the following exam at the Firebrand Training centre, covered Certification Guarantee:

Certified Network Intrusion Analyst (CCNIA) exam

The format is the same as for all other CREST certifications. The candidate will be expected to possess not only the technical ability to find security weaknesses and vulnerabilities, but also the skills to ensure findings are presented in a clear, concise and understandable manner.

• Format: A multiple choice technical examination; A long form essay style written paper, testing both technical ability and presentation ability; A hands-on practical examination
• Passing score: To pass the exam, the candidate must pass all three sections.
• Domains:
  • Data Sources
  • Statistical Analysis
  • Beaconing Systems
  • Encrypted Communications
  • Network Traffic Analysis
  • Networking Protocols
  • Covert Channel Identification
  • Log Analysis