Course Duration

24 hours, 3-day training workshop

Delivery

Face to face training or online training

Course Inclusive

Training materials & certificate of completion

Course Description

This course aims to provide the trainees the fundamentals of security operations and skill level related to operational security.

ENTRY COMPETENCIES of Participants (Prerequisites):

Any graduate of Engineering, Science, or any BS degree courses that has Information Technology units or anyone with experience on handling/managing ICT equipment.

Course Objectives/Learning Outcomes

At the end of the course, the participant shall be able to:

• Perform introductory computer and network forensics;
  • Introduction to digital forensics
  • Defining Digital Forensic Evidence
  • Collecting Evidence
  • Fundamentals of Microsoft Windows Forensics
  • Fundamentals of Linux Forensics
• Understand the fundamentals of intrusion analysis;
  • Fundamentals of Intrusion Analysis
  • Review of Network Protocols
  • Common Artifact Elements and Source of Security Events
  • Using Packet Captures for Intrusion Analysis
  • Netflow
  • Using Netflow for Incident Response
  • Using Netflow for Data Leak Detection and Prevention
• Grasp the underlining concepts of incident response and incident handling;
  • Introduction to Incident Response
  • Events and Incidents
  • Incident Response Plan and Process
  • Incident Response Teams and Frameworks
  • 5 Step Incident Handling Model by SANS
• Perform data and event analysis and categorize intrusion events;
  • Defining the Cyber Kill Chain Model
  • Diamond Model of Intrusion
  • MITRE ATT&CK
  • Normalizing Data
  • 5-Tuple Correlation