Cyber Security Trainings | Solution Deployment | SOC Services | Project Management
In this course, attendees will learn how to obtain memory images from different sources and analyse them to gather artifacts. Both Windows and Linux systems will be covered. The course is designed for cyber security professionals who are involved in the technical analysis of incidents, especially those dealing with forensics. In-depth knowledge of operating system concepts is a prerequisite. Python knowledge is helpful but not required.
At the beginning, the trainer will introduce the basic concepts of memory forensics, such as acquisition of memory and its analysis. Additionally, the students will be given basic information on how to use Volatility.
In the first part, the students will learn how to acquire memory images from Windows and Linux operating systems. In the second and third parts, the students will perform basic analysis tasks while working with Windows and Linux memory.
Memory acquisition tools such as WinPmem, MacPmem, LiME
Introduction to Mandiant Memoryze
Acquiring Memory images from Windows and Linux
Windows process analysis
Network connection analysis
Registry analysis
File and other analysis
Linux process analysis
Linux network connection analysis
File and kernel analysis
Windows malware
Linux malware
Advanced Artifacts Analysis is an advanced-level course that covers various tools and processes. It is highly recommended that attendees have a good working knowledge of the Windows operating system. Some prior background and experience in cyber security is advisable but not required, as this course starts from the basics and moves on to advanced topics and hands-on labs.
It is highly recommended that all attendees bring their own laptop with the following software/hardware requirements: