Course Summary

This course prepares candidates for hands-on digital forensics and threat hunting roles. In this course, participants will learn how to process, analyze, and interpret enterprise host-based forensic artifacts, as well as how to detect threats and malicious activity. Key topics include:

Windows host file system artifacts
Windows system triage analysis
Collecting volatile evidence from Windows systems
Windows system and activity event analysis
Identifying and detecting enterprise threats
Recognizing malicious threat actor activity within an enterprise environment

Analyzing Lateral Movement Artifacts
You will learn how to identify and analyze events related to malicious lateral movement within a network.

Examining Evidence of Execution
You will learn how to detect and analyze evidence of program, script, or file execution from Windows host artifacts.

Analyzing Volatile Evidence
You will learn to examine memory-resident artifacts to identify both normal and malicious activities.

Reviewing Windows Event Log Data
You will learn how to interpret Windows event log data to identify and analyze both legitimate and malicious actions.

Examining Windows File System Artifacts
You will learn how to analyze Windows host artifacts to distinguish between normal system operations and suspicious activities.

Identifying Evasion Techniques
You will learn how to identify the use of tools and techniques that attackers may use to remove or conceal traces of malicious activity.

Investigating Credential Theft
You will learn how to recognize and analyze artifacts associated with the theft of credentials, including the methods used to steal and use them.

Investigating Persistence Mechanisms
You will learn how to identify and analyze persistence mechanisms, such as configuration changes or scripts, that allow malicious activity to survive system reboots or continue unnoticed.

Temporal Event Analysis
You will learn how to review and analyze event data based on timing to differentiate between routine activity and suspicious or malicious events.

The following courses or equivalent experiences are required:

Certification: GIAC Certified Forensic Analyst (GCFA)

Exam format:
Proctored exam
Open book, open notes
Time limit: 4 hours
25 CyberLive hands-on, real-world practical testing. CyberLive testing creates a lab environment where cyber practitioners prove their knowledge, understanding, and skill using actual programs, actual code, and virtual machines.

Following your booking, a confirmation message will be sent to all participants, ensuring you're well-informed of your successful enrollment. Calendar placeholders will also be dispatched to assist you in scheduling your commitments around the course. Rest assured, all course materials and access to necessary labs or platforms will be provided no later than one week before the course begins, allowing you ample time to prepare and engage fully with the learning experience ahead.

Our comprehensive training package includes all the necessary materials and resources to facilitate a full learning experience. Enrollees will be provided with detailed course content, encompassing a wide array of topics to ensure a thorough understanding of the subject matter. Additionally, participants will receive a certificate of completion to recognize their dedication and hard work. It's important to note that while the course fee covers all training materials and experiences, the examination fee for certification is not included but can be purchased separately.
