Global Certified Firewall Analyst

Target

Individuals responsible for designing, implementing, configuring, and monitoring a secure perimeter for any organization; including routers, firewalls, VPNs/remote access, and overall network design.

The topic areas for each exam part follow:

1. Advanced Perimeter Protection: The candidate will demonstrate understanding of perimeter protection technologies and techniques including proxies, application firewalls, virtual firewalls, deep packet inspection and UTM
2. Cloud Security: The candidate will demonstrate familiarity with cloud service, infrastructure and security issues
3. Creating and Auditing a Rulebase: The candidate will demonstrate an understanding of building and verifying firewall rulebases that serve the needs of the business and map to security policy.
4. Host-Based Detection and DLP: The candidate will demonstrate understanding of the capabilities of HIDS and HIPS, and be familiar with DLP techniques.
5. IPv6 and ICMPv6: The candidate will understand the basics of IP and ICMP version 6.
6. Log Collection and Analysis: The candidate will demonstrate understanding of techniques for centralizing log collection and analyzing firewall logs.
7. Network Based Intrusion Detection and Prevention (NIPS/NIDS): The candidate will demonstrate an understanding of network intrusion detection and prevention devices and techniques
8. Packet Fragmentation: The candidate will demonstrate an understanding of how fragmentation works and fragmentation-based attacks.
9. Perimeter Concepts and IP Fundamentals: The candidate will demonstrate a thorough understanding of the IP header, and basic perimeter concepts including services, firewalls, and layered security.
10. Routers Security and Network Access Control: The candidate will demonstrate understanding of the basics of router hardening and NAC through Cisco IOS security configuration and applying ACLs
11. Securing Hosts and Services: The candidate will demonstrate an understanding of the principles, tools, and techniques for securing externally accessible hosts and common server services.
12. Static and Stateful Packet Filtering: The candidate will demonstrate an understanding of how static and stateful packet filters work and how to filter and analyze traffic using Netfilter and other open source tools
13. TCP/IP Protocols: The candidate will demonstrate a thorough understanding of TCP, UDP and ICMP.
14. VPN Basics and Implementation: The candidate will demonstrate an understanding of VPN authentication, encryption and implementation, including an understanding of remote access protocols and technologies
15. Vulnerabilty Assessment and Auditing: The candidate will demonstrate an understanding of network vulnerability assessments and auditing using common network and OS tools
16. Wireless Design and Security: The candidate will demonstrate familiarity with basic wireless network design and security issues