
Course Description

This course provides a comprehensive overview of incident response and computer forensics. Topics range from establishing policies and procedures to collecting data from live Windows and Unix machines. Several hands-on exercises using the HELIX Forensics CD will be incorporated into the course so that you can perform live forensic analysis on the operating system. Tools include: Windows Forensics Toolchest (WFT), Incident Response Collection Report (IRCR2), First Responder's Evidence Disk (FRED), First Responder Utility (FRU), Md5 Generator, File Recovery, Rootkit Revealer and many others.

Course Outline

· Introduction to Incident Response and Forensics

o Real-World Incidents

o Case Studies

o Attack Lifecycle Phases

· Incident Response Process

o Incident Response Policy

o What is an Incident?

o Incident Response Goals

o NIST Incident Response Process

· Preparing for an Incident

o Pre-Incident Activities

· Data Collection

o Live Data Collection

· Evidence Handling

o Evidence

o Chain of Custody

o Evidence Integrity

· Network Evidence

o Network-based Evidence

o Goals of Network Monitoring

o Types of Network Monitoring

o Wireshark and Other Tools

· Memory Evidence

o Memory Forensics

o Memory Acquisition

o Redline

o Memory Analysis to Find Evil

§ Zeus

§ Stuxnet

§ Storm Worm Rootkit

§ TDSS Rootkit

· Remediation

o Remediation Workflow

o Remediation Owner

o Remediation Actions

· Putting it All Together

Prerequisites

SEC100 Information Security Essentials or equivalent experience

Duration

12 Hours | 2 Days or 4 Nights

Section Title: Information Security, Incident Response and Computer Forensics
Type: Instructor-Led
Days: M, W
Time: 5:30PM to 8:30PM
Dates: Aug 23, 2021 to Sep 01, 2021
# of Course Hours: 12.0
Course Fee(s): Rate non-credit $950.00

Section Title: Information Security, Incident Response and Computer Forensics
Type: Instructor-Led
Days: M, W
Time: 5:30PM to 8:30PM
Dates: Nov 01, 2021 to Nov 10, 2021
# of Course Hours: 12.0
Course Fee(s): Rate non-credit $950.00
*Academic Unit eligibility to be determined by college/university in which you are enrolled in a degree seeking program.