Course Summary

In this course, you will explore how major cloud service providers—Microsoft Azure, Amazon AWS, and Google Cloud Platform—are enhancing analysts’ capabilities with new evidence sources that are not available in traditional on-premises investigations. From cloud-based network traffic monitoring to direct hypervisor interaction for evidence preservation, forensics is evolving with innovative technologies and tools.

Incident response and forensics revolve around tracing the digital footprints left by attackers, and these footprints are often found in logs. Understanding the investigation process is crucial, often more so than the technicalities of log collection.

Log generation, collection, storage, and retention in cloud environments
Identification of malicious and anomalous activities affecting cloud resources
Data extraction from cloud environments for forensic investigations

AWS Cloud Platform Logging
The candidate will demonstrate an understanding of the information available from the generation, collection, retention and storage of logs from AWS
AWS Structure and Access Methods
The candidate will demonstrate an understanding of AWS architectures, logging, data access and the investigative possibilities
Azure & M365 Cloud Platform Logging
The candidate will demonstrate an understanding of the information available from the generation, collection, retention and storage of logs from Azure & M365
Azure & M365 Structure and Access Methods
The candidate will demonstrate an understanding of Azure and M365 architectures, logging, data access and the investigative possibilities
Cloud Forensic Artifact Techniques
The candidate will demonstrate an understanding of the services, tools and resources available to assist with and automate forensic investigations
Cloud Storage Platforms
The candidate will demonstrate an understanding of the different characteristics of each cloud’s storage resources. The candidate will demonstrate an understanding of ways to create, secure, access and use each storage type.
Cloud Virtual Machine Architecture
The candidate will demonstrate an understanding of the different types, configuration and availability of virtual machines offered in each cloud environment.
Cloud-based Attacks
The candidate will demonstrate an understanding of the tactics and techniques used to attack major cloud providers’ computing resources.
GCP and Google Workspace Cloud Platform Logging
The candidate will demonstrate an understanding of the information available from the generation, collection, retention and storage of logs from GCP and Google Workspace
GCP and Google Workspace Structure and Access Methods
The candidate will demonstrate an understanding of GCP and Google Workspace architectures, logging, data access and the investigative possibilities
In-Cloud Investigations
The candidate will demonstrate an understanding of how to collect forensic images and how to extract data from cloud resources to conduct forensic investigations.
Introduction to Enterprise Cloud Digital Forensics and Incident Response
The candidate will demonstrate an understanding of the most popular cloud concepts. The candidate will demonstrate an understanding of key cloud resources and logs used to facilitate incident response and forensics.
Multi-Cloud Virtual Networking
The candidate will demonstrate an understanding of each cloud networking topology and the grouping of resources for network communication. The candidate will demonstrate an understanding of the inspection and control of network traffic.

There are currently no prerequisites for this course. However, the following courses are recommended beforehand:
FOR500: Windows Forensic Analysis
FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics
SEC488: Cloud Security Essentials

Proctored exam
82 questions
3 hours
Minimum passing score of 62%

Following your booking, a confirmation message will be sent to all participants, ensuring you're well-informed of your successful enrollment. Calendar placeholders will also be dispatched to assist you in scheduling your commitments around the course. Rest assured, all course materials and access to necessary labs or platforms will be provided no later than one week before the course begins, allowing you ample time to prepare and engage fully with the learning experience ahead.

Our comprehensive training package includes all the necessary materials and resources to facilitate a full learning experience. Enrollees will be provided with detailed course content, encompassing a wide array of topics to ensure a thorough understanding of the subject matter. Additionally, participants will receive a certificate of completion to recognize their dedication and hard work. It's important to note that while the course fee covers all training materials and experiences, the examination fee for certification is not included but can be purchased separately.
