Live Classes: C)NFE- Certified Network Forensics Examiner Certification Course | Mile2® - Cyber Security Certifications
Shopping cart
There are no products in your cart.
Log in


C)NFE- Certified Network Forensics Examiner Certification Course

Class Format:
Class Dates

This 5 day advanced course was originally designed for a select U.S. Government Agency. The C)NFE certification program will prepare students to exercise true advanced networking forensics techniques through the use of proprietary labs in Mile2's exclusive cyber range.

Email questions to:  [email protected]


You should attend this course if you are:

  • Cyber Security team members who need to respond to intrusions, ‘hacks’ and incidents in their network.
  • Cyber Security team members that are required to know how to examine, probe, trace, frisk, and interrogate their network(s) to find out how they were compromised.
  • Those IT pros that want to advance their network investigative and incident response handling policies, procedures and techniques.

Registration in this 5 day class includes the Course KitCyber Range access during class and a certificate of completion.   


C)NFE Course Outline


Lab 1 - Working with captured files
Exercise 1 - HTTP.pcap
Exercise 2 - SMB.pcap
Exercise 3 - SIP_RTP.pcap

Lab 2 – Layer 2 Attacks
Exercise 1 – Analyze the capture of macof.
Exercise 2 – Manipulating the STP root bridge election process
Lab 2 - Active Evidence Acquisition

Lab 3 - Preparing for Packet Inspection

Lab 4 - Analyzing Packet Captures
Exercise 2: Analyze TKIP and CCMP Frames starting from 4-Way Handshake process.

Lab 5 - Case Study: ABC Real Estate

Exercise 1 - Use Snort as Packet Sniffer
Exercise 2 - Use Snort as a packet logger
Exercise 3 - Check Snort’s IDS abilities with pre-captured attack pattern files

Lab 7 - Syslog Exercise

Lab 8 - Network Device Log

Exercise 1- Decrypting SSL Traffic by using a given Certificate Private Key
Exercise 2 – SSL and Friendly Man-in-the-middle



Mile2 Ultimate