Course Description

Short Course | 12 hours | 1.2 CEUs | $950

This course provides a comprehensive overview of incident response and computer forensics. Topics range from establishing policies and procedures to collecting data from live Windows and Unix machines. Several hands-on exercises utilizing the HELIX Forensics CD will be incorporated into the course to allow you to perform live forensic analysis on the operating system. Tools include: Windows Forensics Toolchest (WFT), Incident Response Collection Report (IRCR2), First Responder’s Evidence Disk (FRED), First Responder Utility (FRU), Md5 Generator, File Recovery, Rootkit Revealer and many others.

SEC400 is the fourth course in the Cybersecurity Professional Certificate. To complete the certificate, students will also enroll in SEC100, SEC200, SEC300, & SEC500. Click on each course link for more details and to add to cart.

Course Outline

  • Introduction to Incident Response and Forensics
    • Real-World Incidents 
    • Case Studies
    • Attack Lifecycle Phases
  • Incident Response Process
    • Incident Response Policy
    • What is an Incident?
    • Incident Response Goals
    • NIST Incident Response Process
  • Preparing for an Incident
    • Pre-Incident Activities
  • Data Collection
    • Live Data Collection
  • Evidence Handling
    • Evidence
    • Chain of Custody
    • Evidence Integrity
  • Network Evidence
    • Network-based Evidence
    • Goals of Network Monitoring
    • Types of Network Monitoring
    • Wireshark and Other Tools
  • Memory Evidence
    • Memory Forensics
    • Memory Acquisition
    • Redline
    • Memory Analysis to Find Evil
      • Zeus
      • Stuxnet
      • Storm Worm Rootkit
      • TDSS Rootkit
  • Remediation
    • Remediation Workflow
    • Remediation Owner
    • Remediation Actions
  • Putting it All Together

Prerequisites

  • SEC100 Information Security Essentials or equivalent experience

Duration

12 Hours | 2 Days or 4 Nights

Enroll Now - Select a section to enroll in

Section Title: Information Security, Incident Response and Computer Forensics

  • Type: Instructor-Led
  • Days: M, W
  • Time (Central Time): 5:30PM to 8:30PM
  • Dates: Jan 27, 2025 to Feb 05, 2025
  • # of Course Hours: 12.0
  • Course Fee(s): Rate non-credit $950.00

Section Title: Information Security, Incident Response and Computer Forensics

  • Type: Instructor-Led
  • Days: T, Th
  • Time (Central Time): 5:30PM to 8:30PM
  • Dates: Apr 01, 2025 to Apr 10, 2025
  • # of Course Hours: 12.0
  • Course Fee(s): Rate non-credit $950.00

Section Title: Information Security, Incident Response and Computer Forensics

  • Type: Instructor-Led
  • Days: M, W
  • Time (Central Time): 5:30PM to 8:30PM
  • Dates: Jul 07, 2025 to Jul 16, 2025
  • # of Course Hours: 12.0
  • Course Fee(s): Rate non-credit $950.00

Section Title: Information Security, Incident Response and Computer Forensics

  • Type: Instructor-Led
  • Days: M, W
  • Time (Central Time): 5:30PM to 8:30PM
  • Dates: Sep 22, 2025 to Oct 01, 2025
  • # of Course Hours: 12.0
  • Course Fee(s): Rate non-credit $950.00

Section Title: Information Security, Incident Response and Computer Forensics

  • Type: Instructor-Led
  • Days: M, W
  • Time (Central Time): 5:30PM to 8:30PM
  • Dates: Dec 01, 2025 to Dec 10, 2025
  • # of Course Hours: 12.0
  • Course Fee(s): Rate non-credit $950.00
*Academic Unit eligibility to be determined by college/university in which you are enrolled in a degree seeking program.