Our six day GCHQ certified course will provide you with the necessary responsive skills and appropriate decision-making abilities to effectively investigate IT security incidents using cutting edge digital forensics tools, tactics and techniques. You will also become a malware hunter and defender for your organisation and be able to identify suspicious activity on a corporate system and from network traffic to discover and investigate high-end cyber threats.
-
Aim Show more Show less
Understand the types of tactics a threat actor uses to evade detection by developing
advanced skills to locate malicious elements on a network and respond appropriately.
Learn how to report a compromise, who to alert and how countermeasures may help defend against future threats. -
Who should attend? Show more Show less
IT professionals who operate as the IT support function in an organisation.
Professionals who need to understand how to effectively respond to a potential incident and quickly apply the necessary actions.
The course is also available as part of a workforce transformation program ensuring all IT staff are better defenders of their organisation’s network.
-
Learning objectives Show more Show less
- Develop skills using fully immersive, hands-on training and a variety of tools
- Effectively discover host or network breaches in order to triage potential attacks
- Understand how malware typically finds its way onto a system
- Understand variations of malware and cyber threats
- Gain knowledge of the fundamentals of Windows operating systems
- Gain knowledge of file systems and processes
- Interrogate the Windows Registry
- Perform volatile memory capture (RAM dumps)
- Perform forensic imaging
- Differentiate between law enforcement and corporate incident response
- Perform network traffic forensics
- Perform disk-based forensics
- Find and identify important artefacts
- Report findings.