Once adversaries compromise your network, they can transfer tools between systems in order to stage them for later use or to support lateral movement. They may use file sharing protocols or copy files with existing tools like scp, sftp and ftp. Learn how to spot and mitigate this behavior so you can stop adversaries in their tracks.
Learning Objectives
You will be able to identify and validate critical threats related to threat actor attempts to exfiltrate your organization's valuable data and potentially attempt to extort your organization for financial gain.
You will be able to use a SIEM tool to identify indicators of compromise and validate whether they should be investigated further.
You will learn response and mitigation recommendations to keep your organization safe.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Cyber Operations
- Exploitation Analysis
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.