At Cyber2 Labs we promote the critical need for all cyber security professionals to establish a solid foundation when learning about cyber security.
In today’s cyber security workforce, many learn the higher, application level of the network while neglecting the lower levels. Here at Cyber2 Labs we feel this is a mistake, and we have developed this course to help the student truly understand malicious attacks, counter those attacks, and design the defense needed to protect the network.
The student will understand all layers of a network and, most importantly, how network traffic looks when it is normal and when the network is under attack.
The first step in developing an effective incident response capability is learning the methods of attack that can be used to compromise systems and networks. In this course you will learn the fundamentals of forensics, and how information can be extracted in a forensically sound manner. The course will show the latest types of attacks, and what to look for when these types of attacks are carried out against the enterprise.
Within the course you will learn the characteristics of a number of attacks, and a process to evaluate these attacks for the possibility of an intrusion. The section on intrusion analysis will show the data that can be scavenged after a variety of different types of attacks.
These attacks range from the most basic types all the way through advanced emerging threats. The systematic process, which you will not only learn but also practice in the workshop, will allow you to analyze virtually all types of intrusions.
Once you have examined the different intrusion methods, you will be introduced to an incident response life cycle and will practice implementing it with “live” events and scenarios from actual computer incidents. Each “live” exercise will have a series of events, from firewall logs to users calling the help desk. Your task will be to review the information and then, using a defined incident response plan, determine what must be recorded and reported and which steps are required to move forward.
The incidents will increase in scope and become more challenging as the workshop progresses.
Module One: Introduction to Forensics
Module Two: Intrusion Analysis
Module Three: Introduction to Incident Response
Module Four: Planning a Response to a Potential Incident
Module Five: Processing Windows “LIVE” Forensics to discover malware
Module Six: Malware Incident Response