Class Details



This course examines the fundamentals of system forensics: what forensics is, the role of computer forensics specialists, computer forensic evidence, and application of forensic analysis skills. It also gives an overview of computer crimes, forensic methods, and laboratories. Students will learn about the tools, techniques, and methods used to perform computer forensics and investigation. This course explores emerging technologies as well as future directions of this interesting and cutting-edge field.

Course Outline

Cyber Threats Detection and Mitigation

Module 1: SECURITY POSTURE

·         The current threat landscape

·         Cybersecurity challenges

·         Enhancing your security posture

·         The Red and Blue Team

 

Module 2: INCIDENT RESPONSE PROCESS

·         Incident response process

·         Handling an incident

·         Post-incident activity

·         Incident response in the cloud

 

Module 3: UNDERSTANDING THE CYBERSECURITY KILL CHAIN

·         External reconnaissance

·         Access and privilege escalation

·         Exfiltration

·         Sustainment

·         Assault

·         Obfuscation

·         Threat life cycle management

 

Module 4: RECONNAISSANCE

·         External reconnaissance

·         Internal reconnaissance

·         Conclusion of the reconnaissance chapter

 

Module 5: COMPROMISING THE SYSTEM

·         Analyzing current trends

·         Phishing

·         Exploiting a vulnerability

·         Zero-day

·         Performing the steps to compromise a system

 

Module 6: CHASING A USER'S IDENTITY

·         Identity is the new perimeter

·         Strategies for compromising a user's identity

·         Hacking a user's identity

 

Module 7: LATERAL MOVEMENT

·         Infiltration

·         Performing lateral movement

 

Module 8: PRIVILEGE ESCALATION

·         Infiltration

·         Avoiding alerts

·         Performing privilege escalation

·         Conclusion and lessons learned

 

Module 9: SECURITY POLICY

·         Reviewing your security policy

·         Educating the end user

·         Policy enforcement

·         Monitoring for compliance

 

Module 10: NETWORK SEGMENTATION

·         Defense in depth approach

·         Physical network segmentation

·         Securing remote access to the network

·         Virtual network segmentation

·         Hybrid cloud network security

 

Module 11: ACTIVE SENSORS

·         Detection capabilities

·         Intrusion detection systems

·         Intrusion prevention system

·         Behavior analytics on-premises

·         Behavior analytics in a hybrid cloud

 

Module 12: THREAT INTELLIGENCE

·         Introduction to threat intelligence

·         Open source tools for threat intelligence

·         Microsoft threat intelligence

·         Leveraging threat intelligence to investigate suspicious activity

 

Module 13: INVESTIGATING AN INCIDENT

·         Scoping the issue

·         Investigating a compromised system on-premises

·         Investigating a compromised system in a hybrid cloud

 

Module 14: RECOVERY PROCESS

·         Disaster recovery plan

·         Live recovery

·         Contingency planning

·         Best practices for recovery 

Module 15: VULNERABILITY MANAGEMENT

·         Creating a vulnerability management strategy

·         Implementation of vulnerability management

·         Best practices for vulnerability management

·         Implementing vulnerability management with Nessus

Objectives

  • Understand the importance of having a solid foundation for your security posture
  • Understand the attack strategy using the cybersecurity kill chain
  • Enhance your defense strategy by improving security policies, hardening the network, implementing active sensors, and leveraging threat intelligence
  • Perform an incident investigation
  • Understand the recovery process
  • Understand continuous security monitoring and how to implement a vulnerability management strategy
  • Perform log analysis to identify suspicious activities

Register for Class

Date: 01/23/19 - 01/25/19, 3 days, 8:30AM – 4:30PM
Location: Online