• Classroom
  • Online, Instructor-Led
Course Description

Advanced training on incident detection and response.

Learning Objectives

• Describe the differences between static and dynamic analysis
• Evaluate the malware analysis process
• Describe the factors of configuring the network for a VM
• Distinguish between real malware and pseudo malware
• Analyze malware for persistence
• Perform file hex analysis
• Examine registries for system changes
• Debug files from source code
• Observe running processes
• Analyze Portable Executables
• Conduct Memory forensics
• Provide false network resources to malware
• Deceive intruders with a honeypot
• Allow attackers to resolve to false domains
• Analyze malicious Microsoft Office documents
• Analyze malicious PDF documents
• Pull metadata from documents
• Confirm incidents with running processes and system snapshots
• Perform timeline analysis using 4 timestamps
• Retrieve user command history

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):