
DIGITAL FORENSICS & INCIDENT RESPONSE


AUDIENCE

Technically skilled SOC analysts who wish to be part of an incident response team

PRE-REQUISITES

Candidates with experience in the cyber security field and a technical background in security systems, Windows, Linux and networking.

LOCATION

  • Online

  • Face to face (bootcamp)

  • Hybrid

  • Train-the-Trainer

DESCRIPTION

Digital forensics and incident response (DFIR) is the science of gathering, preserving, analyzing, and presenting digital information and evidence in the organization. This is also known as the Blue Team.
This field is relevant to corporate security professionals, government employees, and military officers and contractors, as well as anyone who relies on digital information to communicate or to conduct business.

DFIR (Blue team): Digital Forensics and Incident Response is a hugely important sector of cyber security, where your everyday security analysis is taken to the next level. While most security analysts will work out of a SIEM or SOAR platform, incident responders and forensic analysts typically work directly with a potentially compromised device. As a result, they are required to be familiar not only with a larger array of analysis tools, but also with a much stricter set of processes and procedures, as their actions are often subject to legal requirements.

COURSE OBJECTIVES

After completing this course, you should be able to:

  • Define an incident response plan

  • Investigate office files, PDF, RTF, emails for forensic purposes

  • Detect, analyse and contain malware and attackers

  • Find anomalies in network traffic 

  • Investigate Windows and Linux systems  

  • Use timelines to detect cyber attacks  

  • Analyse malware and create IOCs / TTPs

  • Use a big data system for SIEM

  • Threat hunting and forensics

The format of the studies

Scope of the program: 120 academic hours

Online sessions – TBD


COURSE SYLLABUS
