Instructor-led training course
This course is designed to teach the fundamental investigative techniques to respond to today’s sophisticated threat actors and their intrusion methods. This course includes a series of hands-on labs that highlight all phases of a targeted attack lifecycle, critical sources of attacker evidence, and the forensic analysis required to conduct effective analysis. Students can learn how to conduct rapid triage to determine system compromise, uncover evidence of initial attack vectors, recognize persistence mechanisms, and develop indicators of compromise (IOCs) to further scope an incident.
After completing this course, learners should be able to:
Linux system administrators, incident responders, threat hunters, and SOC analysts who need to understand the process involved in performing effective enterprise incident response for Linux systems.
In-classroom or virtual instructor-led training
Students are required to bring their own laptop that meets the following specs: