GIAC Certified Intrusion Analyst (GCIA) - Only 4 Days

On this 4-day GIAC Intrusion Analyst Certification course, you'll develop the competence to configure and monitor detection systems as well as understand, interpret and analyse network traffic and log files.

This course is aimed at professionals responsible for network and host monitoring, traffic analysis and intrusion detection. Some of the skills you'll learn include:

  • Developing a deeper understanding of traffic analysis tools to detect and subsequently respond to intrusions
  • Understanding the importance behind the optimal placement of IDS sensors and how network forensics can help identify intrusions
  • Understanding the intricacies behind detecting intrusions and assisting analysts with the necessary resources

Our unique Lecture | Lab | Review technique will immerse you in course content. Combining both theoretical knowledge with hands-on experience means you'll learn faster and you'll develop the skills necessary to put your new found knowledge to practice as soon as you return to work.

Read more...

On this course, you'll be prepared for the GIAC Certified Intrusion Analyst (GCIA) exam. This is covered by your Certification Guarantee.

This course is aimed at those responsible for networking and host monitoring, traffic analysis and intrusion detection.

This course provides knowledge equivalent to the SANS SEC503: Intrusion Detection In-Depth.

See Benefits...

Seven reasons why you should sit your course with Firebrand Training

  1. You'll be GCIA certified in just 4 days. With us, you’ll be GCIA trained in record time
  2. Our GCIA course is all-inclusive. A one-off fee covers all course materials, exams, accommodation and meals. No hidden extras
  3. Pass GCIA first time or train again for free. This is our guarantee. We’re confident you’ll pass your course first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
  4. You’ll learn more. A day with a traditional training provider generally runs from 9am – 5pm, with a nice long break for lunch. With Firebrand Training you’ll get at least 12 hours/day quality learning time, with your instructor
  5. You’ll learn GCIA faster. Chances are, you’ll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
  6. You’ll be studying GCIA with the best. We’ve been named in Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified 72,589 professionals, and we’re partners with all of the big names in the business
  7. You'll do more than study Firebrand's courseware. We use practical exercises to make sure you can apply your new knowledge to the work environment. Our instructors use demonstrations and real-world experience to keep the day interesting and engaging

Latest GCIA Reviews from our students

Other accelerated training providers rely heavily on lecture and independent self-testing and study.

Effective technical instruction must be highly varied and interactive to keep attention levels high, promote camaraderie and teamwork between the students and instructor, and solidify knowledge through hands-on learning.

Firebrand Training provides instruction to meet every learning need:

  • Intensive group instruction
  • One-on-one instruction attention
  • Hands-on labs
  • Lab partner and group exercises
  • Question and answer drills
  • Independent study

This information has been provided as a helpful tool for candidates considering training. Courses that include certification come with a Certification Guarantee. Pass first time or train again for free (just pay for accommodation, exams and incidental costs). We do not make any guarantees about personal successes or benefits of obtaining certification. Benefits of certification determined through studies do not guarantee any particular personal successes.

See Curriculum...

Latest GCIA Reviews from our students

Advanced IDS Concepts

  • Demonstrate an understanding of IDS tuning methods and correlation issues (e.g., snort, bro)

Application Protocols

  • The candidate will demonstrate knowledge, skill, and ability relating to application layer protocol dissection and analysis including HTTP, SMTP, and various Microsoft protocols

Concepts of TCP/IP and the Link Layer

  • The candidate will understand the TCP/IP communications model and link layer operations

DNS

  • The candidate will demonstrate a thorough understanding of how DNS works for both legitimate and malicious purposes

Fragmentation

  • The candidate will demonstrate comprehension of how fragmentation works through theory and packet capture examples, as well as the concepts behind fragmentation-based attacks

IDS Fundamentals and Initial Deployment (e.g., snort, bro)

  • Understand architecture, benefits/weaknesses, and configuration options of common IDS systems. Demonstrate ability to configure and deploy IDS (e.g., snort, bro)

IDS Rules (e.g., snort, bro)

  • Create effective IDS (e.g., snort, bro) rules to detect varied types of malicious activity

IP Headers

  • The candidate will demonstrate the ability to dissect IP packet headers and analyse them for normal and anomalous values that may point to security issues

IPv6

  • The candidate will demonstrate knowledge, skill and ability relating to the analysis of IPv6 as well as issues involving IP6 over IPv4

Network Architecture and Event Correlation

  • The candidate will demonstrate competence with issues relating to IDS/IPS management, network architecture as it pertains to intrusion detection, and event correlation and management

Network Traffic Analysis and Forensics

  • The candidate will demonstrate the ability to analyse real traffic and associated artifacts: malicious, normal and application traffic; and demonstrate the ability to discern malicious traffic from false positives

Packet Engineering

  • The candidate will demonstrate knowledge, skill, and ability relating to packet engineering and manipulation including packet crafting, OS fingerprinting, and IDS Evasion/Insertion

Silk and Other Traffic Analysis Tools

  • The candidate will demonstrate the ability to use Silk and other tools to perform network traffic and flow analysis

TCP

  • The candidate will understand TCP communications as well as expected responses to given stimuli at this layer

Tcpdump Filters

  • The candidate will demonstrate the skill and ability to craft tcpdump filters that match on given criteria

UDP and ICMP

  • The candidate will demonstrated the ability to analyse both UDP and ICMP packets and recognise common issues

Wireshark Fundamentals

  • The candidate will demonstrate the knowledge, skills, and abilities associated with traffic analysis using wireshark from an intermediate to high degree of proficiency

See Exam Track...

Latest GCIA Reviews from our students

This course will prepare you for the following exam. The exam fee is not included in the course price. If you wish to take the exam, we’ll provide instructions on how to register with GIAC.

  • GIAC Certified Intrusion Analyst (GCIA)

Additional Exam Details:

  • 1 proctored exam
  • 150 questions
  • Time limit of 4 hours
  • Minimum passing score of 67%
  • Certifications must be renewed every 4 years

See What's Included...

Latest GCIA Reviews from our students

On this accelerated course, you'll get access to the following:

  • Firebrand official training materials

Firebrand Training offers top-quality technical education and certification training in an all-inclusive course package specifically designed for the needs and ease of our students. We attend to every detail so our students can focus solely on their studies and certification goals.

Our Accelerated Learning Programmes include:

  • Intensive Hands-on Training Utilising our (Lecture | Lab | Review)TM Delivery
  • Comprehensive Study Materials, Program Courseware and Self-Testing Software including MeasureUp *
  • Fully instructor-led program with 24 hour lab access
  • Examination vouchers **
  • On site testing ***
  • Accommodation, all meals, unlimited beverages, snacks and tea / coffee****
  • Transportation to/from designated local railway stations
  • Examination Passing Policy

Our instructors teach to accommodate every student's learning needs through individualised instruction, hands-on labs, lab partner and group exercises, independent study, self-testing, and question/answer drills.

Firebrand Training has dedicated, well-equipped educational facilities where you will attend instruction and labs and have access to comfortable study and lounging rooms. Our students consistently say our facilities are second-to-none.

Firebrand goes digital

We’re currently migrating from printed to digital courseware. Some courseware is already available in digital, while other books remain in printed form. To find out if this course is digital, call us on 080 80 800 888.

There are several benefits of easy-to-use digital courseware: downloads are immediate, and you’ll always have your courseware available wherever you are. You won’t need to wait for a printed book to be delivered before you start learning – and it’s better for the environment. You can choose to download the courseware to your own device, or borrow one of ours.

Considering a Microsoft course? Always have the most up-to-date Microsoft digital courseware with ‘Fresh Editions’. This gives you access to all versions of digital courseware – you’ll receive updates and revisions of your textbook, at no charge, for the life of that course.

Examination Passing Policy

Should a student complete a Firebrand Training Program without having successfully passed all vendor examinations, the student may re-attend that program for a period of one year.  Students will only be responsible for accommodations and vendor exam fees.

Please note

  • * Not on all courses
  • ** Examination vouchers are not included for the following courses: GIAC, CREST and CISSP CBK Review. Exam vouchers may also not be included for Apprentices and will require a separate purchase by an employer due to Education and Skills Funding Agency guidelines.
  • *** On site testing is not included for our PMI, GIAC, CREST, CSX Practitioner or ITIL Managers and Revision Certification Courses
  • **** Accommodation not included on the CISSP CBK Review Seminar

See Prerequisites...

Latest GCIA Reviews from our students

While there are no official prerequisites for this course, you should have a working knowledge of TCP/IP and hexadecimal. As well as this, you should have an understanding of Linux commands such as cd, sudo and pwd.

Unsure whether you meet the prerequisites?

Don’t worry - we’ll discuss your technical background, experience and qualifications to determine whether this accelerated course suits you.

Just call us on 080 80 800 888 and speak to one of our enrolment consultants.

Firebrand is an immersive environment and requires commitment. Some prerequisites are simply guidelines; you may find your unique experience, attitude and determination enables you to succeed on your accelerated course.

See Dates...

Latest GCIA Reviews from our students

GIAC GCIA Course Dates

Start

Finish

Status

Location

Book now

27/5/2019 (Monday)

30/5/2019 (Thursday)

Finished

-

 

30/9/2019 (Monday)

3/10/2019 (Thursday)

Wait list

Nationwide

 

11/11/2019 (Monday)

14/11/2019 (Thursday)

Limited availability

Nationwide

 

3/2/2020 (Monday)

6/2/2020 (Thursday)

Open

Nationwide

 

16/3/2020 (Monday)

19/3/2020 (Thursday)

Open

Nationwide

 

Latest GCIA Reviews from our students

Here's the Firebrand Training review section. Since 2001 we've trained exactly 72,589 students and asked them all to review our Accelerated Learning. Currently, 96.75% have said Firebrand exceeded their expectations.

Read reviews from recent accelerated courses below or visit Firebrand Stories for written and video interviews from our alumni.


"Very informative. Lecturer was very knowledgeable on a wide variety of subjects. A pleasure being bombarded with so much information."
Japie Van Der Merwe, SBM. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (8/7/2019 to 12/7/2019)

"It was a very useful experience and I feel more confident in my ability to pass the exam."
Anonymous. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (8/7/2019 to 12/7/2019)

"Fantastic course, presentation and delivery and great use of real life examples to help the learning process. Thank you!"
Cy Glaister, Self. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (12/3/2018 to 16/3/2018)

"Enjoyed the course very much, the trainers experience was wide ranging and comprehensive and was tapping into his knowledge and experience throughput the course, with some terrific examples of cyber security breaches and the damage it can cause."
A.P.. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (12/3/2018 to 16/3/2018)

"The instructor's teaching techniques, real world examples and ability to share information were invaluable."
D.S.. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (12/3/2018 to 16/3/2018)

"The centre is very well equipped, with many courses going on at the same time but all independent. The shared meal-times and general communal facilities at Wyboston are great. The lecturer was well prepared, the course was well structured and the materials were good in support of the learning objectives."
Dave Pearson. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (30/10/2017 to 3/11/2017)

"Course was interactive, and beneficial with extensive content. Food was plentiful, good facilities with friendly staff."
Roman Hill, Fiserv . - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (4/9/2017 to 8/9/2017)

"Very impressed with the details of the course and thanks to the instructor for assisting us and guiding us through the course. "
Anjay Mandalia, WOODGROUP . - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (4/9/2017 to 8/9/2017)

"A very informative and enjoyable experience."
I.M.. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (4/9/2017 to 8/9/2017)

"5 Day GICSP is lead by an absolutely brilliant instructor. His wealth of knowledge is evident and his passion for the subject unmatched. He brought to life the training with real world scenarios and practical tips. I would strongly recommend this to any practitioner/aspiring professional within the ICS space."
L.S.. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (4/9/2017 to 8/9/2017)

"Great teaching from skilled and experienced instructors."
Thomas Tronier-Rasmussen, DONG Energy Denmark. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (13/3/2017 to 17/3/2017)

"Our instructor for GICSP was very knowledgeable and very experienced, and this experience added a lot of value to the training that we received at Wyboston Lakes. The venue itself is also very good and lends itself well to intensive training courses. By the end of the week, we had developed camaraderie among the class, and a high degree of confidence that we will be able to pass our certification exams in the near future."
Robert Barnes. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (13/3/2017 to 17/3/2017)

"Our Trainer was extremely knowledgeable, helpful and very good at explaining things. Facilities and accommodation very good. No complaints especially as I passed."
D.H, Northumbrian Water Ltd. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (13/6/2016 to 17/6/2016)

"The real world experience from the instructor proves invaluable - a lot to learn not just about passing the exam"
Nicolas Goupil. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (13/6/2016 to 17/6/2016)

"This was my first experience with Firebrand and it went really well. The course was really intense and we were going through a lot. One thing, I would like to mention is that you should have a good and solid knowledge prior to taking this course, purely due to volume of material you have to go through. Facilities and Environment was really good. You have all the tools that you need to make it a successful training. Instructor was really knowledgeable and had lots of hands on experience. Definitely recommend to anyone."
D.I.. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (7/9/2015 to 11/9/2015)

"Firebrand Training is the best training centre ever! I have experienced extended help from my instructor when I decided not to sit for my exam due to a health problem, and was able to encourage me on when I should sit and pass my exam. Firebrand can help you to find the hiding talent you have."
Zaituni Mmari, eProcess international S.A (ECOBANK GROUP). - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (7/9/2015 to 11/9/2015)

"Excellent facility, instruction and accommodation. Felt well prepared for the exam although it is important to remember to attend to the pre-requisites before arriving. Thanks for an immersive and successful week."
T.R., E.ON UK. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (7/9/2015 to 11/9/2015)

"Great training facility and as long as you're willing to put the work in, you will get value from any Firebrand course."
P.A, Chemring Technology Solutions. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (26/1/2015 to 30/1/2015)

"Excellent facilities and course diversity. Instructor was again excellent and the boot camp style of learning beneficial to my learning style."
E.B, Chemring Technology Solutions. - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (26/1/2015 to 30/1/2015)

"Good knowledge and experience on Cyber Security for ICS."
Anonymous - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (21/11/2016 to 25/11/2016)

"Firebrand provided a first class course and testing centre and makes getting the certification very simple. Having both training and exam in a single centre was very helpful."
Anonymous - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (21/11/2016 to 25/11/2016)

"Perfect!"
Anonymous - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (21/11/2016 to 25/11/2016)

"Great course with big knowledge in a team of different experiences."
Anonymous - GIAC Global Industrial Cyber Security Professional (GICSP) (5 days) (21/11/2016 to 25/11/2016)

"The training was in a relaxed atmosphere with good facilities and a great instructor.Thanks!"
C.B.. - CompTIA Cloud+ (3 days) (7/8/2019 to 9/8/2019)

"I found the course very interesting, providing a great deal of information around various use cases for cloud modules. The instructor ran the course very well, being engaging and informative throughout."
Anonymous, IBM. - CompTIA Cloud+ (3 days) (7/8/2019 to 9/8/2019)

"Enjoyed visit to Wyboston lakes. Staff and facilities were exceptional - Highly recommended for those who want to learn in accelerated mode !"
S.R.. - Microsoft MCSA: BI Reporting (4 days) (5/8/2019 to 8/8/2019)

"Very friendly atmosphere and everyone is very helpful."
Thomas Stephens. - Microsoft MCSA: BI Reporting (4 days) (5/8/2019 to 8/8/2019)

"Very informative and helpful with questions enabling me to get my certification."
Michael Howard. - Microsoft MCSA: BI Reporting (4 days) (5/8/2019 to 8/8/2019)

"Intense.. but good!"
K.P.. - Microsoft MCSA: BI Reporting (4 days) (5/8/2019 to 8/8/2019)

"The lecturer is very knowledgeable and charismatic. I really enjoyed my course and learned a lot."
Anonymous. - Microsoft MCSA: BI Reporting (4 days) (5/8/2019 to 8/8/2019)

"Although long hours, the instruction was excellent. Lots of examples of cyber security in the real world making it more real. Thank you."
C.F., MoD. - (ISC)2 CISSP Boot Camp (6 days) (29/7/2019 to 3/8/2019)

"Good focused environment in which to learn and meet peers."
Anonymous. - (ISC)2 CISSP Boot Camp (6 days) (29/7/2019 to 3/8/2019)

"I have used Firebrand Training a few times now and they never disappoint. The instructor did everything in his power to ensure that he covered various learning styles and has vast experience in the area he teaches. All of the staff onsite are friendly and do their utmost to ensure you have everything you need."
Melanie Taylor, Security Risk Managemnt . - (ISC)2 CISSP Boot Camp (6 days) (29/7/2019 to 3/8/2019)

"The experience re-ignited my passion for learning and more importantly, and seek to implement that learning."
J.P.. - (ISC)2 CISSP Boot Camp (6 days) (29/7/2019 to 3/8/2019)

"An intense week of training, but totally worth it!"
Anonymous. - (ISC)2 CISSP Boot Camp (6 days) (29/7/2019 to 3/8/2019)

"Excellent experience to get your head down and really concentrate on the subject matter."
Anonymous, NA. - (ISC)2 CISSP Boot Camp (6 days) (29/7/2019 to 3/8/2019)

"Although intensive, there was still time to explore topics that were interesting and particularly useful. I learnt more than I thought I would."
Robert Baxter. - Microsoft Programming in C# (4 days) (29/7/2019 to 1/8/2019)

"Firebrand offers a unique experience with on-site learning. This empowers you to dedicate your complete focus on gaining a good understanding of the subject material in a short amount of time."
C.N.. - (ISC)2 CISSP Boot Camp (6 days) (29/7/2019 to 3/8/2019)

"The instructor is a star with a depth of knowledge that got me to the pass."
Anonymous. - (ISC)2 CISSP Boot Camp (6 days) (29/7/2019 to 3/8/2019)

"A wonderful self contained bubble in the middle of nowhere, with excellent facilities, trainer and life support systems. Perfectly set up to support the focus and consolidation for the knowledge and techniques needed to pass the CISSP."
Alan Morris, Crawford and company. - (ISC)2 CISSP Boot Camp (6 days) (29/7/2019 to 3/8/2019)

"Fast paced and hard work, but good"
Anonymous. - Microsoft Dynamics 365 Customisation and Configuration (4 days) (29/7/2019 to 1/8/2019)

"Very well-organised, great communication, fabulous facilities and approachable well-informed instructor .The instructor provided real-life examples and clear explanations with relevant slides, notes, lab work and practice questions. Also. there are small, informal,and supportive groups.As well as, good and nearby accommodation. There is Lots of Food! The hot chocolate kept me going late at night ."
Anonymous. - Microsoft Dynamics 365 Customisation and Configuration (4 days) (29/7/2019 to 1/8/2019)

"Would recommend to anyone wanting an intense training session with great staff."
Anonymous. - Microsoft Programming in C# (4 days) (29/7/2019 to 1/8/2019)

"Great training course and a great instructor. Very intensive but highly informative."
S.B.. - CompTIA Security+ Certification (3 days) (29/7/2019 to 31/7/2019)

"Nice facilities, contextual learning, practical examples, and a knowledgeable and engaging tutor. "
Y.M.. - CompTIA Security+ Certification (3 days) (29/7/2019 to 31/7/2019)

"The course is very in depth and beneficial, sometimes it can be complicated but not only do the teachers help you, a lot of the other students do as well. "
M.S., Cyber threat Security LTD. - CompTIA Security+ Certification (3 days) (29/7/2019 to 31/7/2019)

"Firebrand training really is accelerated learning at its finest.From the experienced instructors, to the course content and guidance to help you prepare for the exam/takeaways to your given career.I loved my stay here and if I was planning to do another course which firebrand offers, I would not look else where."
Abdulkarim Youssof, KDS UK Ltd. - Microsoft Programming in C# (4 days) (29/7/2019 to 1/8/2019)

"Great quality of teaching along with the enthusiasm of the trainer to break every step down into real world examples helped my understanding. Would recommend to anyone wanting an intense training session with great staff."
Matthew Kemp. - Microsoft Programming in C# (4 days) (29/7/2019 to 1/8/2019)

"I think the course was great and the instructor taught us well given the time he had. "
Umera Saddiq, Thomson Reuters . - CompTIA Security+ Certification (3 days) (29/7/2019 to 31/7/2019)

"Great training and knowledgeable instructor."
Anonymous. - CompTIA Security+ Certification (3 days) (29/7/2019 to 31/7/2019)

Latest GCIA Reviews from our students