• Online, Instructor-Led
  • Classroom
Course Description

Designed by operators for operators, this accelerated course is designed to help perform initial incident response activity on Windows systems. This course covers basic and advanced actions a Windows focused responder must perform to reduce the overall impact and costs of incidents.

Learning Objectives

Learning Objectives

Participants of this course will learn how-to:

  1. Responding to unexpected outages
  2. Responding to acts of sabotage
  3. Responding to malicious insiders
  4. Responding to ransomware
  5. Media acquisition, disk imaging and memory captures
  6. Out of band communication techniques
  7. Coordination and mitigations strategies
  8. Tactical decision-making
  9. Modern incident response tools and applications usage for FY 2024

Framework Connections

Specialty Areas

  • Cyber Defense Analysis
  • Cyber Defense Infrastructure Support
  • Incident Response
  • Digital Forensics