Be prepared for a cyberattack by learning real-world professional techniques and creating a basic digital forensic tool kit.
Learning Cyber Incident Response and Digital Forensics
Overview
Syllabus
Introduction
- The importance of cybersecurity incident response
- What you should know before taking this course
- What is cyber crime?
- Digital forensic investigations
- Types of evidence
- Best practices for digital forensic investigations
- Cyber incident response
- Preparation phase
- Detection and analysis phase
- Containment, eradication, and recovery phase
- Post-incident activity phase
- Types of forensic tools
- Commercial vs. open-source forensic tools
- Legal considerations when choosing forensic tools
- A basic forensic toolkit
- Our cyber incident response scenario
- How to preserve evidence during a cyber incident response
- Collecting volatile forensic evidence from memory
- Collecting network forensics evidence
- Imaging a mass storage device
- Types of data analysis
- Analyzing the contents of volatile memory
- Importing evidence into Autopsy
- Analyzing hidden and deleted files
- Analyzing data from Windows Registry
- Conducting log analysis
- Creating your report
- Other considerations for your investigations
- What to do next
Taught by
Jason Dion
