Tactical Digital Forensics Training

Course Overview:

Tactical Digital Forensics Training Course Description

This two-week Tactical Digital Forensics Training teaches students to perform the fast and efficient digital forensics required to discover and investigate an Advanced Persistent Threat. Students learn the types of tactics and procedures a threat actor uses to evade detection, and develop the real-world skills to locate malicious elements on a network and respond appropriately. Students acquire a fundamental understanding of how to effectively discover breaches and triage attacks within a network. A hands-on capstone exercise assesses students’ abilities in response to an intrusion detection incident and grades each individual on the use of forensics analysis techniques to determine the attack method, associated implants, embedded tools and files, attack timeline, and origin of the attack.

Customize It:

• Tailor this Tactical Digital Forensics Training course to your own unique requirements at little-to-no additional expense.
• If you are familiar with some aspects of this Tactical Digital Forensics Training course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the Tactical Digital Forensics Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Tactical Digital Forensics Training course in a manner understandable to lay audiences.

Tactical Digital Forensics Training – Skills Gained:

• Students receive a textbook to accompany classroom instruction.
• The class offers a unique combination of digital forensics and malware analysis.
• Classroom exercises demonstrate how to reverse-engineer an attack.
• Theory and exercises review modern methods used by threat actors to gain access to remote networks.
• A capstone event assesses students’ use of forensics analysis techniques to determine a threat’s attack method, associated implants, embedded tools and files, attack timeline, and origin of the attack.

Tactical Digital Forensics Training – Course Content:

Anatomy of an Attack

A day in the life of an advanced threat
Process Interrogation
Search for forensics tool suites
Learn to find running malware
Discover methods of malware persistence

Memory Analysis

Practice volatile memory capture (RAM dumps)
Perform volatile memory forensics

File Forensics

Identify Advanced Persistent Threats
Analyze dynamic executable files
Recover deleted files and other artifacts

Network Traffic Forensics

Extract files from network traffic
Discover malicious network activity indicators

Windows Internal Forensics

Interrogate processes for indications of malware
Review the Windows boot process
Learn about forensics artifacts
Review event logs for unusual entries in PowerShell
Perform USB device timeline analysis

Responsive Actions

Identify and document Indicators of Compromise
Discover anti-forensics tools and methods
Discover and analyze malware
