Students will learn how to use forensic techniques in order to investigate and document system and network intrusions as well as malicious software incidents. System restoration techniques are also covered. Students will become adept at investigating advanced persistent threats, rogue employees, remote data breeches and other security violations.
Learning Objectives
By the end of the quarter the student will be able to:
- Develop an intrusion response plan for different types of security breaches as evidenced through lecture, laboratory exercises and test
- Investigate various types of security breaches as evidenced by laboratory exercises, research, and test
- Review and preserve evidence related to security breaches as evidenced by laboratory exercises, lecture, and test
- Describe how malicious software and improper security settings can lead to breaches as evidenced by research, lecture, laboratory exercises and test
- Implement encryption techniques for the preservation of evidence as well as explain how it can be used to facilitate breaching security for a network or system. This will be evidenced by lab exercises, test questions and
- Describe and explain how network infrastructure devices and protocols can be used to penetrate network and system defenses as evidenced by laboratory exercises, lectures and test
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Competency Areas
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.