Certified Network Forensic Analysis Manager
The Certified Network Forensic Analysis Manager certification course was originally developed for the U.S. government, and has now been made available to city, county, and state law enforcement agencies. Civilian personnel outside the law enforcement community are also authorized to attend on a case-by-case basis.
This comprehensive course brings incident response and network forensic core competencies to advanced levels by presenting students with 12 detailed learning objectives. Students will be provided with both experiential knowledge and practical skills that simulate real-world scenarios, investigations, and recovery of evidentiary data in systems and networks. With a specific focus on the centralizing and investigating of logging systems and network devices, students will cover topics such as: Incident Response Management; Live Data Collection; Analysis Methodology; Malware Triage; and, practical lab exercises utilizing the Wireshark packet capturing tool for network investigations.
Course Outline and Learning Objectives
01) Preparing for Incidents / Forensic Investigations
02) Incident Response Management
03) Pre-Incident Preparation
04) Initiating Incident / Forensic Investigations
05) Initial Development of Leads
06) Principles of Live Data Collection
07) Principles of Network Evidence
08) Enterprise Services and Topology
09) Forensic Analysis Methodology
10) Static / Dynamic Malware Triage
11) Incident Remediation Methodologies
12) Wireshark Labs: Packet Capture Analysis
Included in Course: Laptop with Lab Software
All students attending the Certified Network Forensic Analysis Manager course will be provided with a Dell laptop loaded with all software required for the practical labs. The software includes:
1) Oracle Virtual Box
2) Kali Linux
3) Wireshark Packet Capturing Tool
4) Student Virtual Machine
5) Access to Virtual Training Network
Students will have access to the Phase2 Advantage Virtual Training Network for three months (unlimited access) to develop and maintain their practical skills using the Wireshark packet capturing and analysis tool. A laptop carrying case will be provided for convenient transport to the students’ home location.
Dell Computer with Lab Software
Exam Prep Guide
Course Certification Certificate
CPE Completion Certificate
Certification Exam Included in Course Fee
Digital Forensic Examiners
Incident Handling Managers
Information Security Personnel
IT Security Managers
The Certified Network Forensic Analysis Manager course is a component of the career progression track that supports the following Categories, Specialty Areas and Work Roles as defined by the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework:
Average Yearly Salary:
Upon completion of this course, students will be prepared to sit for the Network Forensic Analysis Manager certification examination. The proctored examination will be offered at the conclusion of the final training day.
Students will have two hours to complete a computer-based examination consisting of 100 questions. A score of 70% or higher is required to earn the certification. Upon successful completion of the exam, students will receive a hardcopy of their certification and a proctor validation document from the course instructor. Students will also receive a 40-hour CPE Certificate regardless of their exam score.
The examination is “closed book.” However, students will be able to use their notes taken during the presentation of the lecture material. Proctored examinations and proctor validation documents are only available for courses taken in a physical classroom environment
Contact Us for The Ultimate Training Experience