A student needs to meet the following prequisites in order to fully benefit from the course:

  • Must have a Digital or Computer Forensics Certification or equivalent knowledge
  • 2 years of experience in IT Security; Working Knowledge of TCP/IP

Course outcome

Participants will be able to apply forensically-sound best practice techniques against virtual infrastructure entities in the following use case scenarios:

  • Identifying direct evidence of a crime
  • Attributing evidence to specific suspects
  • Confirming (or negating) suspect alibis
  • Confirming (or negating) suspect statements
  • Determining (or negating) suspect intent
  • Determining (or negating) Identifying sources
  • Determining (or negating) Authenticating documents

Who should attend

This course was designed for the benefit of the following organization roles:

  • Digital & Network Forensic Engineers
  • IS & IT managers
  • Network Auditors


  1. C)NFE Electronic Book (Workbook/Lab Guide)
  2. C)NFE Exam Prep Questions
  3. C)NFE Exam
  4. C)NFE Online Video
  5. Cyber Range access for 2 weeks (request login from Mile2 when it suits you.)

Course outline

  • Module 1: Digital Evidence Concepts
  • Module 2: Network Evidence Challenges
  • Module 3: Network Forensics Investigative Methodology
  • Module 4: Network-Based Evidence
  • Module 5: Network Principles
  • Module 6: Internet Protocol Suite
  • Module 7: Physical Interception
  • Module 8: Traffic Acquisition SoftwareScanning
  • Module 9: Live Acquisition
  • Module 10: Analysis
  • Module 11: Layer 2 Protocol
  • Module 12: Wireless Access Points
  • Module 13: Wireless Capture Traffic and Analysis
  • Module 14: Wireless Attacks
  • Module 15: NIDS Snort
  • Module 16: Centralized Logging and Syslog
  • Module 17: Investigating Network Devices
  • Module 18: Web Proxies and Encryption
  • Module 19: Network Tunneling Scanning
  • Module 20: Malware Forensics

Lab Outline

  • Module 4, 5 & 6: Working with Captured Files
  • Module 7, 8, 9 10, 11: Evidence Acquisition
  • Module 12, 13, 14: Wireless Traffic Evidence Acquisition
  • Module 15: IDS/IPS Forensics
  • Module 16 & 21: Network forensics and investigating logs
  • Module 17 & 18: SSL & Encryption
  • Module 20: Malware Forensics

Short description

A course that expands upon existing digital and network forensic skill sets. The course is focussed on the centralizing and investigating of logging systems as well as network devices.

Expanded description

The Certified Network Forensics Examiner is a vendor-neutral certification. The C)NFE takes a digital and network forensic skill set to the next level by navigating through over twenty modules of network forensic topics. The C)NFE provides practical experience through our lab exercises that simulate real-world scenarios that cover investigation and recovery of data in a network, Physical Interception, Traffic Acquisition, Analysis, Wireless Attacks, and SNORT. The course focuses on the centralizing and investigating of logging systems as well as network devices.

 875,00 (excl. BTW)
Offerte aanvragen