Login     Signup
   info@zetlantechnologies.com        +91-8680961847

  /   GIAC Certification   /   GCDA Certification

GIAC Certified Detection Analyst (GCDA)

Practitioner Certification

The GIAC Certified Detection Analyst (GCDA) certification proves an individual knows how to collect, analyze, and tactically use modern network and endpoint data sources to detect malicious or unauthorized activity.






Areas Covered


Who is GCDA for?


Exam Format

Note:GIAC reserves the right to change the specifications for each certification without notice. Based on a scientific passing point study, the passing point for the GISF exam has been determined to be 72% for all candidates receiving access to their certification attempts on or after June 12th, 2018.

Delivery

NOTE: All GIAC Certification exams are web-based and required to be proctored. There are two proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE.

Course Details

1. GIAC Certified Detection Analyst

  • Alert Analysis
    • The candidate will demonstrate an understanding of how to analyze endpoint security logs, augment intrusion detection alerts, analyze vulnerability information, correlate malware sandbox logs, handle alerts efficiently, identify which alerts to retain and identify staff training opportunities.
  • Device Discovery
    • The candidate will demonstrate an understanding of how an environment can be more fully understood through the use of active and passive device discovery and how this understanding can be used to create baselines and detect anomolous behavior.
  • Endpoint Logging Analysis
    • The candidate will demonstrate an understanding of how to discover abnormal activity, establish baselines and optimize logging to find anomalous behavior through the use of endpoint logs, events of interest and host-based firewalls.
  • Endpoint Logging Collection
    • The candidate will demonstrate an understanding of how to identify attacks and analyze logs in both Windows and Linux environments and employ scripting to reduce log noise as well as establish collection strategies, both agentless and agent-oriented in these environments.
  • Log Aggregation and Parsing
    • The candidate will demonstrate an understanding of how log filters and message brokers can be used during data queuing and storage to enhance log retention and search response times, demonstrate an understanding of the methods and techniques used to perform analysis, analytical reporting, and alerting through the use of visualizations and detection dashboards.
  • Log Collection
    • The candidate will demonstrate an understanding of how data gathering strategies, event rates, storage requirements and staffing requirements inform SIEM planning and event logging device architecture, log monitoring for assets, data gathering and preservation strategies and techniques of log collection.
  • Log Output and Storage
    • The candidate will demonstrate an understanding of data queuing, resiliency and storage as well as how to perform analytical reporting and alerting through the use of visualizations and detection dashboards.
  • Network Service Log Analysis
    • The candidate will demonstrate an understanding of how to identify attacker characteristics, determine anomalous behavior and establish baseline behavior in common network protocol traffic such as SMTP, DNS, HTTP and HTTPS.
  • Network Service Log Collection & Enrichment
    • The candidate will demonstrate an understanding of detection methods and relevance to log analysis, analyzing common application logs, application of threat intelligence to generic network logs, correlation of network datasets and establishment of network baseline activity.
  • Post-Mortem Analysis
    • The candidate will demonstrate an understanding of how to use virtual machines and malware sandboxes, configure systems to generate event log alerts after compromise, identify unusual time-based activity and re-analyze network traffic after an
  • Software Monitoring
    • The candidate will demonstrate an understanding of how to identify authorized and unauthorized software, treat scripting tools and command line parameters as a special kind of software and source collection methodology.
  • User Monitoring
    • The candidate will demonstrate an understanding of how to utilize behavior analytics when analyzing user logons, built-in accounts and system services based on patterns, use network data to discover unauthorized use or assets, configure enterprise wide baseline collection and establish large scale persistence monitoring.


Fees Structure : 15500 INR / 185 USD
Total No of Class : 51 Video Class
Class Duration : 38:00 Working Hours
Download Feature : Download Avalable
Technical Support : Call / Whatsapp : +91 8680961847
Working Hours : Monday to Firday 9 AM to 6 PM
Payment Mode : Credit Card / Debit Card / NetBanking / Wallet (Gpay/Phonepay/Paytm/WhatsApp Pay)

Brochure       Buy Now       Sample Demo

Fees Structure : 30000 INR / 355 USD
Class Duration : 60 Days
Class Recording : Live Class Recording available
Class Time : Monday to Firday 1.5 hours per day / Weekend 3 Hours per day
Technical Support : Call / Whatsapp : +91 8680961847
Working Hours : Monday to Firday 9 AM to 6 PM
Payment Mode : Credit Card / Debit Card / NetBanking / Wallet (Gpay/Phonepay/Paytm/WhatsApp Pay)

Download Brochure       Pay Online

Information Technologies

Why People Like us!

For over a decade, we have been on a mission: helping everyone grow up in IT Industry. Today, we are asking that you join us.

Read More

More Info

About Us Contact Us Privacy Policy Terms & Condition Refund Policy FAQs & Help

Account

My Account Course Details Shopping Cart Wishlist Order History Payment Details

Contact

Address: Chennai, Tamilnadu, India

Email: info@zetlantechnologies.com

Phone: +91 8680961847

Payment Accepted

Zetlan Technologies, All right reserved.