GCIA is a hands-on course that covers intrusion detection in-depth. This includes concepts such as the use of Snort, network traffic analysis, and IDS signatures.
Attendees to TN-979: GIAC Certified Intrusion Analyst (GCIA) will receive TechNow approved course materials and expert instruction.
Duration: 9 days
- Advanced Snort Concepts
- Analyst Toolkit
- Domain Name System (DNS)
- Examining Packet Crafting
- Examining Packet Header Fields
- ICMP Theory
- IDS Interoperability
- IDS Patterns
- IDS/IPS Management and Architecture Issues
- Indications & Warnings and Traffic Correlation
- Microsoft Protocols
- Network Traffic Analysis
- NIDS Evasion, Instertion, and Checksums
- Snort Fundamentals and Configuration
- Snort GUIs & Sensor Management
- Snort Performance, Active Response & Tagging
- Snort Rules
- Stimulus Response
- TCPdump Fundamentals
- TCP/IP Fundamentals
- Wireshark Fundamentals
- Writing TCPdump Filters
- GSEC or equivalent experience
- UNIX, Windows, networking, and security experience
- This is a hands-on skill course requiring comfort with command line interaction and network communications
Latest comments from students
Instructor comments: Dave was an excellent instructor. He is very informative and knowledgeable in the course and the material. I have enjoyed the class and I would take another course with him as the instructor.
Facilities comments: Very nice and clean hotel.
Instructor comments: Dave was one of the best instructors I have ever had for a tech course. He broke down everything to the point where you can understand it internally.
Instructor comments: Dave was good, very knowledgeable.