What is GNFA certification?
Overview
GNFA certification which is for GIAC Network Forensic Analyst is an international cybersecurity certificate maintained and provided by GIAC. Moreover, the certificate validates a practitioner’s ability to perform investigations employing network forensic artifact analysis.
The certificate evaluates the candidates’ capability and understanding of fundamental network forensics processes and tools we use to examine device and system logs.
GNFA Certification Requirements
The exam requires aspirants to clearly demonstrate their understanding of network forensics, network protocols normal and anomalous behaviors. In addition, candidates should also be able to understand processes and tools used to investigate logs of devices and systems, wireless communication networks, and encrypted protocols. Moreover, it is a certification program for individuals who are interested to work on computer network intrusions and investigation processes. However, candidates should have solid experience in computer forensics, information systems, and information security areas.
Candidates should demonstrate their understanding of common network protocols and associated reverse engineering techniques. Moreover, they should have solid understanding of network architectures and analysis and visualization tools, such as NetFlow. In addition, the exam requires the candidates to demonstrate their understanding of the architecture, deployment, benefits and weaknesses of network security proxies, common log formats and flow of data in a network environment. Last but not least, the candidates should familiarize themselves with processes to identify and control the risks associated with wireless technologies, protocols and infrastructure to earn the credential.
GNFA certification covers the following domains:
- Network architecture, network protocols, and network protocol reverse engineering.
- Encryption and encoding, NetFlow analysis and attack visualization, security event & incident logging.
- Network analysis tools and usage, wireless network analysis, & open source network security proxies.
Aspirants should visit the official site for up-to-date exam information.
The GNFA certificate exam contains a minimum of 56 and a maximum of multiple choice questions. Candidates work on the exam for a duration of 2-3 hours depending on their performance. Further, they should attain a minimum passing score of 70% to earn this credential. The exam administered at Pearson VUE authorized test centers and online remote proctoring through ProctorU.