Course Duration
24 hours, 3-day training workshop
Delivery
Face to face training or online training
Course Inclusive
Training materials & certificate of completion
Course Description
This course aims to provide trainees with the fundamentals of security operations and the skills related to operational security.
Entry Competencies of Participants (Prerequisites)
Any graduate of Engineering, Science, or any BS degree course that has Information Technology units, or anyone with experience in handling/managing ICT equipment.
Course Objectives/Learning Outcomes
At the end of the course, the participant shall be able to:
- Perform introductory computer and network forensics;
  - Introduction to digital forensics
  - Defining Digital Forensic Evidence
  - Collecting Evidence
  - Fundamentals of Microsoft Windows Forensics
  - Fundamentals of Linux Forensics
- Understand the fundamentals of intrusion analysis;
  - Fundamentals of Intrusion Analysis
  - Review of Network Protocols
  - Common Artifact Elements and Source of Security Events
  - Using Packet Captures for Intrusion Analysis
  - Netflow
  - Using Netflow for Incident Response
  - Using Netflow for Data Leak Detection and Prevention
- Grasp the underlying concepts of incident response and incident handling;
  - Introduction to Incident Response
  - Events and Incidents
  - Incident Response Plan and Process
  - Incident Response Teams and Frameworks
  - 5 Step Incident Handling Model by SANS
- Perform data and event analysis and categorize intrusion events;
  - Defining the Cyber Kill Chain Model
  - Diamond Model of Intrusion
  - MITRE ATT&CK
  - Normalizing Data
  - 5-Tuple Correlation