Certification Provider: GIAC
Exam Name: GIAC Certified Intrusion Analyst
Number of questions in our database: 364
Exam Version: Jan. 27, 2023
Exam Official Topics:
- Topic 1: Demonstrate an understanding of how DNS works for both legitimate and malicious purposes/ IDS Fundamentals and Network Architecture
- Topic 2: Demonstrate knowledge relating to packet crafting and manipulation/ Demonstrate understanding of the TCP/IP communications model and link layer operations
- Topic 3: Demonstrate competence in analyzing data from multiple sources as part of a forensic investigation/ Demonstrate ability to craft tcpdump filters that match on given criteria
- Topic 4: Demonstrate the ability to analyze network and application traffic to identify both normal and malicious behaviors/ Demonstrate an understanding of IDS tuning methods and correlation issues
- Topic 5: Demonstrate knowledge and skill relating to application layer protocol dissection and analysis/ How to identify fragmentation and fragmentation-based attacks in packet captures
- Topic 6: Demonstrate knowledge of fundamental IDS concepts, such as network architecture options/ Demonstrate understanding of how fragmentation works
- Topic 7: Demonstrate an understanding of SiLK and other tools to perform network traffic and flow analysis/ Create effective IDS rules to detect varied types of malicious activity
- Topic 8: Demonstrate understanding of the UDP and ICMP protocols and the ability to discern between typical and anomalous behavior/ Advanced Analysis and Network Forensics
Submit Cancel