Courses
This course provides a comprehensive overview of incident response & computer forensics. Topics include everything from establishing policies and procedures to collecting data from live Windows and Unix machines. Several hands-on exercises utilizing the HELIX Forensics CD will be incorporated into the course to allow you to perform live forensic analysis on the operating system.
Tools include: Windows Forensics Toolchest (WFT), Incident Response Collection Report (IRCR2), First Responder’s Evidence Disk (FRED), First Responder Utility (FRU), Md5 Generator, File Recovery, Rootkit Revealer and many others.
This course is for system administrators, incident responders, cyber security professionals and anyone interested in both the technical and non-technical aspects of computer incident response and forensic analysis.
IT Security Fundamentals (SEC005), or equivalent experience.
- Understand the types of risks and best practices for preventing these risks
- Learn how to monitor computer systems for evidence of malicious activity
- Understand the steps involved in the incident response process
- Learn how to analyze data gathered during an investigation
- Introduction
- Real-World Incidents
- Incident Response Process
- Preparing for Incident Response
- Incident Response Detection
- Data Collection
- Live Collections
- Forensic Duplication
- Network-based Evidence
- Evidence Handling
- Data Analysis
- Computer Storage Fundamentals
- Data Analysis
- Computer Investigations
- Network Traffic Analysis
- Hacker Tools
- Forensic Reports
12
1.2