
Course Description

This course provides a comprehensive overview of incident response & computer forensics. Topics include everything from establishing policies and procedures to collecting data from live Windows and Unix machines. Several hands-on exercises utilizing the HELIX Forensics CD will be incorporated into the course to allow you to perform live forensic analysis on the operating system. Tools include: Windows Forensics Toolchest (WFT), Incident Response Collection Report (IRCR2), First Responder’s Evidence Disk (FRED), First Responder Utility (FRU), Md5 Generator, File Recovery, Rootkit Revealer and many others.

SEC300 is the fourth course in the Cybersecurity Professional Certificate. To complete the certificate, students will also enroll in SEC100, SEC200, SEC300, & SEC500. Click on each course link for more details and to add to cart.

Course Outline

· Introduction to Incident Response and Forensics
    o Real-World Incidents
    o Case Studies
    o Attack Lifecycle Phases
· Incident Response Process
    o Incident Response Policy
    o What is an Incident?
    o Incident Response Goals
    o NIST Incident Response Process
· Preparing for an Incident
    o Pre-Incident Activities
· Data Collection
    o Live Data Collection
· Evidence Handling
    o Evidence
    o Chain of Custody
    o Evidence Integrity
· Network Evidence
    o Network-based Evidence
    o Goals of Network Monitoring
    o Types of Network Monitoring
    o Wireshark and Other Tools
· Memory Evidence
    o Memory Forensics
    o Memory Acquisition
    o Redline
    o Memory Analysis to Find Evil
        § Zeus
        § Stuxnet
        § Storm Worm Rootkit
        § TDSS Rootkit
· Remediation
    o Remediation Workflow
    o Remediation Owner
    o Remediation Actions
· Putting it All Together

Prerequisites

SEC100 Information Security Essentials or equivalent experience

Duration

12 Hours | 2 Days or 4 Nights

Enroll Now - Select a section to enroll in
Section Title: Information Security, Incident Response and Computer Forensics
Type: Instructor-Led
Days: T, Th
Time (Central Time): 5:30PM to 8:30PM
Dates: Apr 04, 2023 to Apr 13, 2023
# of Course Hours: 12.0
Course Fee(s): Rate non-credit $950.00

Section Title: Information Security, Incident Response and Computer Forensics
Type: Instructor-Led
Days: M, W
Time (Central Time): 5:30PM to 8:30PM
Dates: Jul 10, 2023 to Jul 19, 2023
# of Course Hours: 12.0
Course Fee(s): Rate non-credit $950.00

Section Title: Information Security, Incident Response and Computer Forensics
Type: Instructor-Led
Days: M, W
Time (Central Time): 5:30PM to 8:30PM
Dates: Sep 25, 2023 to Oct 04, 2023
# of Course Hours: 12.0
Course Fee(s): Rate non-credit $950.00
*Academic Unit eligibility to be determined by college/university in which you are enrolled in a degree seeking program.