View the course listing on
NICCS.US-CERT.GOV

Phase2 Advantage Listing on NICCS

Certified Network Forensic Analysis Manager

Certified Network Forensic Analysis Manager

The Certified Network Forensic Analysis Manager certification course was originally developed for the U.S. government, and has now been made available to city, county, and state law enforcement agencies.  Civilian personnel outside the law enforcement community are also authorized to attend on a case-by-case basis.

This comprehensive course brings incident response and network forensic core competencies to advanced levels by presenting students with 12 detailed learning objectives. Students will be provided with both experiential knowledge and practical skills that simulate real-world scenarios, investigations, and recovery of evidentiary data in systems and networks.  With a specific focus on the centralizing and investigating of logging systems and network devices, students will cover topics such as: Incident Response Management; Live Data Collection; Analysis Methodology; Malware Triage; and, practical lab exercises utilizing the Wireshark packet capturing tool for network investigations.

Course Outline and Learning Objectives

01) Preparing for Incidents / Forensic Investigations
02) Incident Response Management
03) Pre-Incident Preparation
04) Initiating Incident / Forensic Investigations
05) Initial Development of Leads
06) Principles of Live Data Collection

07) Principles of Network Evidence
08) Enterprise Services and Topology
09) Forensic Analysis Methodology
10) Static / Dynamic Malware Triage
11) Incident Remediation Methodologies
12) Wireshark Labs: Packet Capture Analysis

Course Materials

Hardcopy Training Materials

Digital Training Materials

Course Textbook(s)
Course Workbook
Supplemental Handout
USB Drives, Pens, Pads

Course Workbook
Course Video Series
CPE Completion Certificate
Course Exam Simulator

Certification Exam Included in Course Fee

Additional Information

English

5 Days

Digital Forensic Examiners
Network Administrations
SOC Personnel
Incident Handling Managers
Information Security Personnel
System Administrators
IT Security Managers

40

$3,500

The Certified Network Forensic Analysis Manager course is a component of the career progression track that supports the following Categories, Specialty Areas and Work Roles as defined by the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework:

Exploitation Analyst
(AN-EXP-001)

Cyber Crime Investigator
(IN-INV-001)

Law Enforcement / Counterintelligence Forensics Analyst
(IN-FOR-001)

All Source – Collection Manager
(CO-CLO-001)

Cyber Intel Planner
(CL-OPL-001)

Cyber Defense Forensics Analyst
(IN-FOR-002)

Average Yearly Salary:

Certification Examination

Phase2 Advantage Certification Exam

Upon completion of this course, students will be prepared to sit for the Network Forensic Analysis Manager certification examination.  The proctored examination will be offered at the conclusion of the final training day.

Students will have two hours to complete a computer-based examination consisting of 100 questions. A score of 70% or higher is required to earn the certification.  Upon successful completion of the exam, students will receive a hardcopy of their certification and a proctor validation document from the course instructor.  Students will also receive a 40-hour CPE Certificate regardless of their exam score.

The examination is “closed book.”  However, students will be able to use their notes taken during the presentation of the lecture material.  Proctored examinations and proctor validation documents are only available for courses taken in a physical classroom environment

Contact Us for The Ultimate Training Experience

Contact Us

(912) 244-0394

Contact Us

Info@Phase2Advantage.com

Contact US

Phase2Advantage.com/Contact

previous arrow
next arrow
Slider