  • Online, Instructor-Led
  • Classroom
Course Description

Basic network and host operations knowledge
Experience commensurate with one to five years of network, host, or application

Learning Objectives

Successful completion of this course will enable students to:

  • Identify the core components of the operating system and ascertain a current state, using built-in or other trusted tools
  • Analyze a running system and detect abnormal behavior relating to operating system components
  • Use event log analysis to verify and correlate the artifacts of anomalous behavior and determine the scope of an intrusion
  • Build or modify PowerShell scripts to interrogate an operating system and automate repetitive analytic tasks
  • Create and use a system baseline to identify unexpected items, such as rogue accounts or configuration changes

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Defense Analysis
  • Digital Forensics
  • Incident Response
  • Systems Analysis


If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.