
SEC503 Exam Objectives

The document outlines the certification objectives for the GCIA exam. It covers a wide range of topics including DNS, TCP/IP fundamentals, IPv6, fragmentation, network traffic analysis using Wireshark, analyzing malicious and normal network traffic, TCP, UDP, application protocols, packet engineering, using analysis tools like Silk, network architecture and event correlation as it relates to intrusion detection, configuring intrusion detection systems like Snort and Bro, and understanding advanced IDS concepts.

Uploaded by

enesworld

GCIA Exam Certification Objectives

DNS
The candidate will demonstrate a thorough understanding of how DNS works for both legitimate and malicious purposes.
Tcpdump Filters
The candidate will demonstrate the skill and ability to craft tcpdump filters that match on given criteria.
IPv6
The candidate will demonstrate knowledge, skill and ability relating to the analysis of IPv6 as well as issues involving IPv6 over IPv4.
Fragmentation
The candidate will demonstrate comprehension of how fragmentation works through theory and packet capture examples, as well as the concepts behind fragmentation-based attacks.
Wireshark Fundamentals
The candidate will demonstrate the knowledge, skills, and abilities associated with traffic analysis using Wireshark from an intermediate to high degree of proficiency.
Network Traffic Analysis and Forensics
The candidate will demonstrate the ability to analyze real traffic and associated artifacts: malicious, normal and application traffic; and demonstrate the ability to discern malicious traffic from false positives.
Concepts of TCP/IP and the Link Layer
The candidate will understand the TCP/IP communications model and link layer operations
IP Headers
The candidate will demonstrate the ability to dissect IP packet headers and analyze them for normal and anomalous values that may point to security issues
TCP
The candidate will understand TCP communications as well as expected responses to given stimuli at this layer
UDP and ICMP
The candidate will demonstrate the ability to analyze both UDP and ICMP packets and recognize common issues
Application Protocols
The candidate will demonstrate knowledge, skill, and ability relating to application layer protocol dissection and analysis including HTTP, SMTP, and various Microsoft protocols
Packet Engineering
The candidate will demonstrate knowledge, skill, and ability relating to packet engineering and manipulation including packet crafting, OS fingerprinting, and IDS Evasion/Insertion
Silk and Other Traffic Analysis Tools
The candidate will demonstrate the ability to use Silk and other tools to perform network traffic and flow analysis
Network Architecture and Event Correlation
The candidate will demonstrate competence with issues relating to IDS/IPS management, network architecture as it pertains to intrusion detection, and event correlation and management
IDS Rules (e.g., snort, bro)
Create effective IDS (e.g., snort, bro) rules to detect varied types of malicious activity
Advanced IDS Concepts
Demonstrate an understanding of IDS tuning methods and correlation issues (e.g., snort, bro)
IDS Fundamentals and Initial Deployment (e.g., snort, bro)
Understand architecture, benefits/weaknesses, and configuration options of common IDS systems.
Demonstrate ability to configure and deploy IDS (e.g., snort, bro)
