We have witnessed the incredible growth of technology over the past decade, which has opened up many new career options and professions. Many of these professions sound too good to be true, including Certified Ethical Hackers (CEH), Digital Forensics and Digital Forensics. They are, however, true. Now, digital forensics, also known as Network Forensics or GIAC, has an official certification program. Global Information Assurance Certification (GIAC), a leader in security certifications, has released a new credential, the GIAC Network Forensics Analyst, or GNFA.
What is Network Forensics and how can it help you?
It is no surprise that digital forensics is gaining popularity due to the increasing number of cybercriminals. Digital security and forensics professionals are in high demand from government agencies and law enforcement agencies to private businesses and international corporations. If you are interested in this career, network forensics specialists should be able to block the majority of system attacks and, more importantly, to identify the aggressors who managed to penetrate the system or commit cybercrime.
As cybercriminals hide their tracks better, it becomes harder to identify them. Network forensics analyzes network traffic to identify intrusions and threats. A network forensics expert must have a solid understanding of the system’s architecture and be able to analyze traffic patterns and identify trends.
GNFA Certification
There has never been a certification that validated skills in network forensics. GAC recently announced the first credential in this field, GNFA (GIAC Network Forensics Analyst), that will be available beginning Monday, November 3, 2014.
The GNFA certification is for professionals who wish to validate their ability to perform network forensic artifact analysis examinations. This certification requires a complete understanding of network forensics, normal or abnormal conditions for common protocols, and the process and tools used in examining device and system logs, wireless communications, and encrypted protocols.
The following topics/objectives will be covered in the GNFA Exam:
Common Network Protocols – Understanding the behavior, security risks, and controls of common networks protocols.
Encryption & Encoding – Techniques and practices used to encrypt and decrypt network traffic, and common attacks against these controls.
NetFlow Analysis and Attack Visualization: The use of NetFlow data to identify network attacks.
Network Analysis Tools and Usage: Open Source Packet Analysis Tools. They are designed to efficiently filter and rebuild data streams for analysis.
Network Architecture – Design and deployment of a network that uses diverse transmission and collection technologies.
Network Protocol Reverse Engineering is a set of tools and techniques that allow you to analyze different protocols and data in a network environment.
Open Source Network Security Proxy – The architecture, deployment, benefits, weaknesses, common log formats, and flow of data within a network environment.
Security Event and Incident Logging: Log formats, protocols, and security impact of event-generating processes. Configuration and deployment strategies to secure and position logging collection devices and aggregators throughout a network environment.
Wireless Network Analysis is a process that identifies and controls the risks associated wireless protocols, infrastructure, and technologies.
The GNFA exam and certification will be available beginning November 3, 2014.