Digital Forensic & Investigation

 


As a cybersecurity professional, you have a unique responsibility to find and understand your organization's vulnerabilities and to work diligently to mitigate them before the bad guys pounce.

Incident Response and Digital Forensics (DFE Certification), the flagship Hacker Associate course, fully arms you to address this duty head-on.


INCIDENT RESPONSE LIFECYCLE


PREPARATION

– Signs of an incident.

– Alerts [endpoint protection, network security monitoring, host monitoring, account creation, privilege escalation, other indicators of compromise, SIEM, security analytics, and user behavior analytics].

– Estimate the scope of the incident.

– Designate a person who will communicate the incident containment and recovery status to senior management.

– Build a timeline of the attack.

– Chain of custody.

– Detecting and reacting to insider threats.

– Determine the extent of the potential data loss.


IDENTIFICATION

– Signs of an incident.

– Alerts [endpoint protection, network security monitoring, host monitoring, account creation, privilege escalation, other indicators of compromise, SIEM, security analytics, and user behavior analytics].

– Estimate the scope of the incident.

– Designate a person who will communicate the incident containment and recovery status to senior management.

– Build a timeline of the attack.

– Chain of custody.

– Detecting and reacting to insider threats.

– Determine the extent of the potential data loss.


CONTAINMENT

– Documentation strategies: video and audio.

– Containment and quarantine.

– Pull the network cable, switch and site.

– Identifying and isolating the trust model.


ERADICATION

– Evaluating whether a backup is compromised.

– Total rebuild of the Operating System.

– Moving to a new architecture.


RECOVERY

– Who makes the determination to return to production?

– Monitoring the system.

– Expect an increase in attacks.


SPECIAL ACTION FOR RESPONDING TO DIFFERENT TYPES OF INCIDENTS

– Espionage.

– Inappropriate use.


INCIDENT RECORD-KEEPING

– Pre-built forms.

– Legal acceptability.


INCIDENT FOLLOW-UP

– Lessons learned meeting.

– Changes in process for the future.


DFI COURSE INCLUDES

Lifetime Support

Continued CTF lab access

Unlimited Revision

PDF, Videos and Presentation copies

Live one to one online support

More than 120 domains included for DFI

Lifetime access to online quiz for all domains

15+ case studies and real-world scenarios

Practice questions and labs before exam

Discussion forum access for lifetime

Free resources will always be available a click away

Premium industry-based CTF access with walkthroughs


DFI COURSE OUTCOME

Detect how and when a breach occurred

Identify compromised and affected systems

Perform damage assessments and determine what was stolen or changed

Contain and remediate incidents

Develop key sources of threat intelligence

Hunt down additional breaches using knowledge of the adversary


COURSE DETAILS

WHO IS THIS COURSE FOR?

- Incident Response Team Members

- Threat Hunters

- SOC Analysts

- Experienced Digital Forensic Analysts

- Information Security Professionals

- Federal Agents and Law Enforcement Professionals

- Red Team Members, Penetration Testers, and Exploit Developers

- Hobbyists


DFI ALSO INCLUDES CYBER THREAT INTELLIGENCE

- Importance of Cyber Threat Intelligence

- Understanding the “Kill Chain”

- Threat Intelligence Creation and Use During Incident Response and Threat Hunting

- Creation of Indicators of Compromise

- Incident Response Team Life-Cycle Overview


COURSE SYLLABUS

Module1: Computer Forensics in Today’s World

Module2: Modern Forensics Investigation Process

Module3: Searching and Seizing Computers

Module4: Unlock Digital Evidence

Module5: First Responder Procedures

Module6: Computer Forensics Lab Design

Module7: Brief Overview of Hard Disks and File Systems

Module8: Windows Forensics & PowerShell

Module9: Data Acquisition and Duplication

Module10: Recovering Deleted Files and Deleted Partitions

Module11: Forensics Investigation Using AccessData FTK

Module12: Forensics Investigation Using EnCase

Module13: Steganography and Image File Forensics

Module14: Application Password Crackers

Module15: Log Capturing and Event Correlation

Module16: Network Forensics, Investigating Logs and Investigating Network Traffic

Module17: Investigating Wireless Attacks

Module18: Investigating Web Attacks

Module19: Tracking Emails and Investigating Email Crimes

Module20: Advanced Mobile Forensics

Module21: DNS Investigation and DNS Hacking Related cases

Module22: Examine Advanced Wireless Attack and Investigation Procedure

Module23: Examine Fake Identity related cases

Module24: Social Engineering attack related cases

Module25: Chain of Custody and Protecting Evidence

Module26: Collecting Metadata of any Mass Storage Devices

Module27: DNS Spoof, IP Spoof and MAC Spoof on Wide Area Network (WAN)

Module28: Mass Storage devices Investigation Procedure

Module29: Advanced Malware Analysis and Investigation Method

Module30: File Architecture of Linux, Mac and Windows System

Module31: File Architecture of Mobile based OS (Android and iOS)

Module32: Finding Longitude and Latitude of DNS Server

Module33: Disaster Recovery and Procedure for Big Infrastructure

Module34: Collecting Evidence and How to Present It in the Courtroom

Module35: Become an Expert Witness

Module36: Cloud Forensics Modules

Module37: IoT Forensics Modules

Module38: Video Forensics Module

Module39: File Integrity of Any Mass storage devices and Data Center

Module40: Log Analysis for Incident Responders and Hunters

Module41: Stealing and Utilization of Legitimate Credentials


Price:

Price in USD $1000 only.


Contact-

Call-  +8801568320150

hackerslash@icloud.com