DFIR370 - Host Intrusion Methodology and Investigation

Course Overview

This hands-on course focuses on the forensic assessment of an infected endpoint, utilizing a wide range of analysis techniques on volatile and disk evidence. After purposely infecting virtual systems, students will learn to apply the host intrusion methodology to recover evidence indicating what actions a hacker took against the victim computer.

 

The course begins with an introduction and explanation of the classroom’s virtual workspace. Instruction addresses topics such as methods of reconnaissance, in-depth exploration of browser exploits, triaging a live host, intrusion analysis methodology, data hiding and phishing techniques, and malware infection. Other areas of study include performing collections with various investigation techniques and escalating privileges.

Students will take part in real-world scenarios by performing several different types of attacks on a mock victim machine and then examine the victim computer using OpenText™ EnCase™ software to identify the artifacts left behind by the attacker. Many different types of tools and programs will be demonstrated and used during the course.

 

In addition to the various hacker tools, students will also utilize and discuss a variety of forensic tools, including EnCase software, the direct network preview, and network intrusion EnScript™ programs for live incident response and collection/analysis of volatile data.

Prerequisites

●    DF320-Advanced Analysis of Windows Artifacts with EnCase course or IR250-Incident Investigation course or CFSR Certification. Students should have a good understanding of network topology and TCP/IP. Advance preparation for this course is not required.

Audience Profile

This course is intended for corporate and government/law enforcement investigators, legal professionals, and network security personnel. Incident response supervisors & team members are encouraged to attend, as are individuals working in a penetration testing or network intrusion investigation role. A knowledge of the concepts of computer forensics and familiarity with the EnCase Forensic software is needed. Knowledge of computer networking hardware, protocols, and concepts is helpful, but not needed. Class curriculum is designed to provide a decent overview of network security and intrusion investigation issues, both from a forensic & intruder perspective.

Learning Objective

Refer to the course overview.

Content Outline

●    Conducting reconnaissance activities and using honey networks
●    The life cycle of a cyber-attack and the anatomy of a browser exploit
●    Conducting a triage of a live host
●    Understanding and establishing a viable methodology for intrusion analysis
●    Data hiding and phishing activities
●    Identifying and combating malware infections
●    Analysis of compromised systems of remote access software and drive-by, web-browser exploits
●    Analysis of memory, event logs, packet captures, and malware
●    Use of tools to escalate privileges and to enhance user capabilities

FAQs

A: To attend the training session, learners should have operational Desktops or Laptops with the needed specifications and a decent internet connection to access labs.

A: We always suggest you attend the live session to practice, clarify doubts instantly, and get more value from your investment. However, if some contingency forces you to skip a class, Radiant Techlearning will provide the recorded session of that specific day. Those recorded sessions are meant only for personal consumption & NOT for distribution or commercial use.

 A: Radiant Techlearning has a data center with a Virtual Training environment for the learners.

Participants can easily access these labs over Cloud with the help of a remote desktop connection.

Radiant virtual labs allow you to learn from anywhere, globally, and in any time zone.

A: Learners are engaged in real-world, industry-oriented projects during the training program. These projects will enhance your skills and knowledge and give you better experience. These real-time projects will assist you a lot in your future tasks & assignments.

A: Radiant Techlearning offers customized solutions and training programs for individuals, teams & businesses depending on their needs. Here is how we assist each one through our diverse formats.

Individuals / One-on-One Training

●    Focused learning sessions
●    Programmed scheduling according to your choice
●    Get personalized attention
●    Opt for the technology that interests you

Teams

●    Enroll for our online public or classroom batches
●    Get our specialized updated content for various skill levels
●    Get on-demand learning & solve problems quickly
●    Get assistance from the ground level through sequential learning

Enterprise

●    Get customized training programs and solutions that can be curated for your business
●    Meet the requirements of all learners
●    Let your workforce be geared up for all kinds of problem-solving
●    Inspire your teams for the future
●    Update your workforce with the latest information from technology and business leadership to marketing.

A: Radiant Techlearning has a large pool of in-house certified trainers & consultants with solid backgrounds and working experience in the technology.

Radiant Techlearning offers 800+ courses, and for each course Radiant has identified best-in-class instructors.

Radiant has highly intensive selection criteria for the Technology Trainers & Consultants who provide you with training programs. Our trainers & consultants undergo a rigorous technical & behavioral interview & assessment process before they are onboarded.

Our Technology experts/trainers & consultants carry a deep-dive understanding of the technical subject & are certified by the OEM. Our faculty will deliver the knowledge of each course from the basic level in an easy way, & you are free to raise your doubts with your faculty at any time.

Our trainers have the patience & ability to explain complex concepts in a simple way, with depth & breadth of knowledge.

A: Radiant believes in a practical & creative approach to training & development, distinguishing it from other training & development platforms. Moreover, training courses are undertaken by experts with a wide range of experience in their domain.

 
