Course Summary

In this course, you will explore how major cloud service providers—Microsoft Azure, Amazon AWS, and Google Cloud Platform—are enhancing analysts’ capabilities with new evidence sources that are not available in traditional on-premises investigations. From cloud-based network traffic monitoring to direct hypervisor interaction for evidence preservation, forensics is evolving with innovative technologies and tools.

Incident response and forensics revolve around tracing the digital footprints left by attackers, and these footprints are often found in logs. Understanding the investigation process is crucial, often more so than the technicalities of log collection.

Log generation, collection, storage, and retention in cloud environments
Identification of malicious and anomalous activities affecting cloud resources
Data extraction from cloud environments for forensic investigations

AWS Cloud Platform Logging
The candidate will demonstrate knowledge of the generation, collection, retention, and storage of logs within the AWS environment, and how this data can be leveraged for forensic investigations.

AWS Architecture and Access Methods
The candidate will demonstrate an understanding of AWS architecture, logging mechanisms, data access, and the investigative potential these structures provide.

Azure & M365 Cloud Platform Logging
The candidate will show understanding of the logging processes within Azure and Microsoft 365, including the collection, retention, and storage of log data for forensic analysis.

Azure & M365 Architecture and Access Methods
The candidate will demonstrate an understanding of the architecture of Azure and M365, including how logs are generated, collected, and accessed, and the investigative opportunities these platforms present.

Cloud Forensic Artifact Techniques
The candidate will demonstrate proficiency in identifying and utilizing cloud services, tools, and resources to automate and assist with forensic investigations.

Cloud Storage Platforms
The candidate will demonstrate knowledge of the characteristics of various cloud storage resources, as well as how to create, secure, access, and manage each storage type within the cloud environment.

Cloud Virtual Machine Architecture
The candidate will show an understanding of the various types of virtual machines available across cloud platforms, along with their configuration and availability in different environments.

Cloud-based Attacks
The candidate will demonstrate knowledge of the tactics, techniques, and procedures used in attacks against the computing resources of major cloud providers.

GCP and Google Workspace Cloud Platform Logging
The candidate will demonstrate understanding of log generation, collection, retention, and storage processes within Google Cloud Platform (GCP) and Google Workspace, and how this data can be used for forensic investigations.

GCP and Google Workspace Architecture and Access Methods
The candidate will demonstrate an understanding of the GCP and Google Workspace architectures, how data is logged, collected, and accessed, and how these systems support forensic analysis.

In-Cloud Investigations
The candidate will demonstrate how to collect forensic images and extract data from cloud environments to conduct thorough forensic investigations.

Introduction to Enterprise Cloud Digital Forensics and Incident Response
The candidate will have an understanding of essential cloud concepts, including key cloud resources and logs, and how these resources are used to support incident response and digital forensics.

Multi-Cloud Virtual Networking
The candidate will demonstrate knowledge of networking topologies across multiple cloud environments, including how resources are grouped for network communication, and the methods for inspecting and controlling network traffic.

There are currently no prerequisites for this course.

Proctored exam: 82 questions, 3 hours, minimum passing score of 62%.

Following your booking, a confirmation message will be sent to all participants, ensuring you're well-informed of your successful enrollment. Calendar placeholders will also be dispatched to assist you in scheduling your commitments around the course. Rest assured, all course materials and access to necessary labs or platforms will be provided no later than one week before the course begins, allowing you ample time to prepare and engage fully with the learning experience ahead.

Our comprehensive training package includes all the necessary materials and resources to facilitate a full learning experience. Enrollees will be provided with detailed course content, encompassing a wide array of topics to ensure a thorough understanding of the subject matter. Additionally, participants will receive a certificate of completion to recognize their dedication and hard work. It's important to note that while the course fee covers all training materials and experiences, the examination fee for certification is not included but can be purchased separately.
