The incredible development of technology, which we have been witnessing for the past decade has brought a number of new professions and exciting career opportunities. From Certified Ethical Hackers (CEH) to Digital Forensics, to many of these sound too cool to be true. Yet, they are true. And now digital forensics, more commonly known as Network Forensics, is getting an official certification program. Global Information Assurance Certification (GIAC), a leading provider of security certifications, is releasing a brand new credential: GIAC Network Forensics Analyst, or GNFA.
What is Network Forensics?
With a number of cybercriminals and cyber crimes steadily growing (no surprise as more and more various operations are conducted online), there is little wonder that digital forensics is on the rise. From government and law enforcement agencies to private companies and international corporations, digital security and forensics professionals are highly in demand. If you’re eying this career, you need to know that network forensics experts should be capable of blocking the majority of system attacks, as well as, more importantly, to implicate the aggressors who manage to penetrate the system, or commit a cybercrime.
Cybercriminals become harder and harder to identify as their get better at hiding their traces, so they are harder to identify. Network forensics collects data from network traffic and analyzes it for threats or intrusions. As a result, a good network forensics expert should have a very solid understanding of how the system is built, as well as possess great analytical skills and understand the trends of how traffic flows.
Previously, there has been no certification to validate the skills in network forensics. Recently,GAC has announced the very first credential of such kind, GNFA (GIAC Network Forensics Analyst), which will be available starting this Monday, November 3, 2014.
The GNFA certification was developed for professionals who want to validate their qualification to perform examinations employing network forensic artifact analysis. This requires 100% understanding of the fundamentals of network forensics, normal and abnormal conditions for common network protocols, the process and tools used to examine device and system logs, wireless communication and encrypted protocols.
GNFA Exam Will Cover the Following Topics/Objectives:
- Common Network Protocols – understanding of the behavior, security risks and controls of common network protocols.
- Encryption and Encoding – techniques and practices used to encode and encrypt common network traffic and common attacks on these controls.
- NetFlow Analysis and Attack Visualization – the use of NetFlow data and information sources to identify network attacks.
- Network Analysis Tools and Usage – open source packet analysis tools and their purpose to effectively filter and rebuild data streams for analysis.
- Network Architecture – design and deployment of a network employing diverse transmission and collection technologies.
- Network Protocol Reverse Engineering – the tools and techniques required to analyze diverse protocols and data traversing a network environment.
- Open Source Network Security Proxies – the architecture, deployment, benefits and weaknesses of network security proxies, common log formats and flow of data in a network environment.
- Security Event and Incident Logging – various log formats, protocols and the security impact of the event generating processes; configuration and deployment strategies to secure and position logging aggregators and collection devices throughout a network environment.
- Wireless Network Analysis the process to identify and control the risks associated with wireless technologies, protocols and infrastructure.
GNFA exam and certification are available starting November 3, 2014.