SANS SEC Forensics 508: COMPUTER FORENSIC INVESTIGATIONS AND INCIDENT RESPONSE
English | ISO | PDF | 3.6GB
Data breaches and advanced intrusions are occurring daily. Sensitive data and intellectual property is stolen from systems that are protected by sophisticated network and host based security. A motivated criminal group or nation state can and will always find a way inside enterprise networks. In the commercial and government sectors, hundreds of victims responded to serious intrusions costing millions of dollars and loss of untold terabytes of data. Cyber attacks originating from China dubbed the Advanced Persistent Threat have proved difficult to suppress. Forensics 508 will help you respond to and investigate these incidents.
Forensics 508: COMPUTER FORENSIC INVESTIGATIONS AND INCIDENT RESPONSE will give you a firm understanding of advanced incident response and computer forensics tools and techniques to investigate data breach intrusions, tech-savvy rogue employees, advanced persistent threats, and complex digital forensic cases.
Utilizing advances in spear phishing, web application attacks, and persistent malware these new sophisticated attackers advance rapidly through your network. Incident Responders and Digital Forensic investigators must master a variety of operating systems, investigation techniques, incident response tactics, and even legal issues in order to solve challenging intrusion cases. Forensics 508: COMPUTER FORENSIC INVESTIGATIONS AND INCIDENT RESPONSE will teach you critical forensic analysis techniques and tools in a hands-on setting for both Windows- and Linux-based investigations.
Attackers will use anti-forensic techniques to hide their tracks. They use rootkits, file wiping, timestamp adjustments, privacy cleaners, and complex malware to hide in plain sight avoiding detection by standard host-based security measures. Everything leaves will leave a trace; you merely need to know where to look.
Learning more than just how to use a forensic tool, by taking this course you will be able to demonstrate how the tool functions at a low level. You will become skilled with new tools, such as the Sleuthkit, Foremost, and the HELIX3 Pro Forensics Live CD. SANS hands-on technical course arms you with a deep understanding of the forensic methodology, tools, and techniques to solve advanced computer forensics cases.
Course Topics* Data Breach Cases, Intrusion Analysis, and Advanced Investigative Strategy
* Evidence Acquisition/Analysis/Preservation Laws and Guidelines
* U.S. Laws Investigators Should Know
* E.U. Laws Investigators Should Know
* Intermediate Computer Forensics Methodology
* In-depth File System Essentials
* Intermediate Linux/Unix File System Examination
* Intermediate Windows FAT and exFAT File System Examination
* Intermediate Windows NTFS File System Examination
* Key Forensic Acquisition/Analysis Concepts
* Volatile Evidence Gathering and Analysis
* Image File Utilization/Conversion (E01, Raw, AFF)
* Windows XP System Restore Points
* Vista, Windows 7, Server 2008, Shadow Volume Copy Exploitation
* Evidence Integrity and Chain of Custody
* Advanced Forensic Evidence Acquisition and Imaging
* File System Timeline Analysis
* Super Timeline Analysis
* Forensic Analysis Key Methods
* File System and Data Layer Examination
* Metadata and File Name Layer Examination
* File Sorting and Hash Comparisons
* Live Response and Volatile Evidence Collection
* Key Windows File System Analysis Concepts
* Advanced Windows Registry Analysis
* Discovering Malware on a Host
* Recovering Key Windows Files
* Windows Internal File Metadata
* Application Footprinting and Software Forensics
* Automated GUI Based Forensic Toolkits
* Step-by-Step Methodology to Investigate Challenging Cases
More info:_
http://www.sans.org/security-training/computer-forensic-investigations-incident-response-98-mid
Use
JDownloader to get Premium speed