FOR572: Advanced Network Forensics: Threat Hunting, Analysis and Incident Response
- Know how to extract files from network packet captures and proxy cache files, allowing follow-on malware analysis or definitive data loss determinations
- Learn how to decrypt captured SSL/TLS traffic to identify attackers' actions and what data they extracted from the victim
- Understand how to incorporate log data into a comprehensive analytic process, filling knowledge gaps that may be far in the past
- Learn how attackers leverage meddler-in-the-middle tools to intercept seemingly secure communications
- Examine proprietary network protocols to determine what actions occurred on the endpoint systems and learn how to modify configuration on typical network devices such as firewalls and intrusion detection systems to increase the intelligence value of their logs and alerts during an investigation
Overview
Off the shelf (OTS)
Whether you handle an intrusion incident, data theft case, employee misuse scenario, or are engaged in proactive adversary discovery, the network often provides an unparalleled view of the incident. FOR572 covers the tools, technology and processes required to integrate network evidence sources into your investigations to provide better findings and to get the job done faster.
Delivery method
Face to face
Virtual
Digital
Course duration
45-48 hours
Competency level
Working