GIAC Intrusion Analyst (GCIA) Exam Syllabus

Use this quick start guide to collect all the information about the GIAC GCIA certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the GIAC Intrusion Analyst (GCIA) exam. The Sample Questions will help you identify the type and difficulty level of the questions, and the Practice Exams will familiarize you with the format and environment of the exam. You should refer to this guide carefully before attempting your actual GIAC Certified Intrusion Analyst (GCIA) certification exam.

The GIAC GCIA certification is mainly targeted at candidates who want to build their career in the Cyber Defense domain. The GIAC Certified Intrusion Analyst (GCIA) exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of GIAC GCIA.

GIAC GCIA Exam Summary:

Exam Name: GIAC Certified Intrusion Analyst (GCIA)
Exam Code: GCIA
Exam Price: $1899 (USD)
Duration: 240 mins
Number of Questions: 100-150
Passing Score: 68%
Schedule Exam: Pearson VUE
Sample Questions: GIAC GCIA Sample Questions
Practice Exam: GIAC GCIA Certification Practice Exam

GIAC GCIA Exam Syllabus Topics:

Topic - Details
Advanced Analysis and Network Forensics - The candidate will demonstrate competence in analyzing various data points (e.g. full packet capture, netflow, logs) and associated artifacts and demonstrate ability to conclude cause or effect.
Advanced IDS Concepts - Demonstrate an understanding of IDS tuning methods and correlation issues (e.g., Snort, Bro).
Application Protocols - The candidate will demonstrate knowledge, skill, and ability relating to application layer protocol dissection and analysis including HTTP, SMTP, and various Microsoft protocols.
Concepts of TCP/IP and the Link Layer - The candidate will understand the TCP/IP communications model and link layer operations.
DNS - The candidate will demonstrate a thorough understanding of how DNS works for both legitimate and malicious purposes.
Fragmentation - The candidate will demonstrate comprehension of how fragmentation works through theory and packet capture examples, as well as the concepts behind fragmentation-based attacks.
IDS Fundamentals and Network Architecture - Understand fundamental IDS concepts, such as network architecture options and benefits/weaknesses of common IDS systems.
IDS Rules - Create effective IDS (e.g., Snort, Bro) rules to detect varied types of malicious activity.
IP Headers - The candidate will demonstrate the ability to dissect IP packet headers and analyze them for normal and anomalous values that may point to security issues.
IPv6 - The candidate will demonstrate knowledge, skill and ability relating to the analysis of IPv6 as well as issues involving IPv6 over IPv4.
Network Traffic Analysis - The candidate will demonstrate the ability to analyze real traffic and associated artifacts: malicious, normal and application traffic; and demonstrate the ability to discern malicious traffic from false positives.
Packet Engineering - The candidate will demonstrate knowledge, skill, and ability relating to packet engineering and manipulation including packet crafting, and IDS Evasion/Insertion.
SiLK and Other Traffic Analysis Tools - The candidate will demonstrate the ability to use SiLK and other tools to perform network traffic and flow analysis.
TCP - The candidate will understand TCP communications as well as expected responses to given stimuli at this layer.
Tcpdump Filters - The candidate will demonstrate the skill and ability to craft tcpdump filters that match on given criteria.
UDP and ICMP - The candidate will demonstrate the ability to analyze both UDP and ICMP packets and recognize common issues.
Wireshark Fundamentals - The candidate will demonstrate the knowledge, skills, and abilities associated with traffic analysis using Wireshark from an intermediate to high degree of proficiency.

To ensure success in the GIAC GCIA certification exam, we recommend an authorized training course, practice tests and hands-on experience to prepare for the Intrusion Analyst (GCIA) exam.
