Learning Cyber Incident Response and Digital Forensics

English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 1h 52m | 283 MB

If your organization is the victim of a cyberattack, are you ready to respond? In this course, learn the basics of how an incident response is conducted, including how evidence is collected for further digital forensic investigation. This course serves as an introduction to the field of digital forensics and incident response practices by providing hands-on demonstrations of tools and techniques used by real-world professionals in the field. A basic understanding of computer networks and cybersecurity is helpful for getting the most from this course.

Topics include:

  • What is cybercrime?
  • Cybersecurity incident response
  • Digital forensic investigations
  • Types of evidence
  • Creating a forensic tool kit
  • Our cyber incident response scenario
  • Analyzing the data
  • Importing evidence into Autopsy
  • Analyzing hidden and deleted files
  • Analyzing data from the Windows Registry
  • Conducting log analysis
  • Creating your report

Table of Contents

Introduction
1 The importance of cybersecurity incident response
2 What you should know before taking this course

Digital Forensics
3 What is cyber crime
4 Digital forensic investigations
5 Types of evidence
6 Best practices for digital forensic investigations

Incident Response
7 Cyber incident response
8 Preparation phase
9 Detection and analysis phase
10 Containment, eradication, and recovery phase
11 Post-incident activity phase

Selecting Forensic Tools
12 Types of forensic tools
13 Commercial vs. open-source forensic tools
14 Legal considerations when choosing forensic tools
15 A basic forensic toolkit

What Do You Do When an Incident Occurs
16 Our cyber incident response scenario
17 How to preserve evidence during a cyber incident response
18 Collecting volatile forensic evidence from memory
19 Collecting network forensics evidence
20 Imaging a mass storage device

Analyzing the Data
21 Types of data analysis
22 Analyzing the contents of volatile memory
23 Importing evidence into Autopsy
24 Analyzing hidden and deleted files
25 Analyzing data from Windows Registry
26 Conducting log analysis
27 Creating your report
28 Other considerations for your investigations

Conclusion
29 What to do next