Malware is a global problem. Every year, hundreds of millions of new types of malware are unleashed on the world. It's a challenge for businesses to keep up with organizations investing in finding new ways of infecting and evading detection. Once a company has been infiltrated with a malware infection, it's essential to determine the source so as to close the hole. Students will learn detection techniques, infection vectors, static and dynamic analysis as well as how to construct a timeline to determine the initial infection in case of multiple pieces of malware on the same system.
Learning Objectives
- Categorize infection vectors associated with different types of malware
- Identify common places to investigate in an operating system to determine whether it has been compromised
- Determine the purpose and method of infection for malware through the use of common forensic techniques and analysis
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Network Services
- Vulnerability Assessment and Management
- Digital Forensics
- Cyber Investigation
- Collection Operations
Feedback
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.