Course Description
Basic network and host
operations knowledge
Experience commensurate
with one to five years of
network, host, or application
administration
Learning Objectives
Successful completion of this course will enable students to:
- Identify the core components of the operating system and a certain a current state, using built-in or other trusted tools
- Analyze a running system and detect abnormal behavior relating to operating system components
- Use event log analysis to verify and correlate the artifacts of anomalous behavior and determine the scope of an intrusion
- Build or modify PowerShell scripts to Interrogate an operating system and automate repetitive analytic tasks
- Create and use a system baseline to identify unexpected items, such as rogue accounts or configuration changes