Digital Forensics and Investigations


About the Course:

The ability to preserve and analyse data found on digital storage media, computer systems and networks is essential for understanding and mitigating cyber attacks against IT infrastructures. The ability to forensically analyse these devices and systems in a manner that preserves critical information is essential. The forensics professional must be highly competent in collecting, examining, analysing and reporting on digital evidence. The use of real-world scenarios enables the target audience not only to learn the required skills, but also to gain experience in their practical application.

Course Objectives:

Participants will learn techniques to identify suspect traffic patterns, identify a breached host, identify signs of bots running in a network, and deal with and manage compromised machines.

Target Audience

Lectures with presentation slides and extensive hands-on exercises.


The core of the course will focus on how an information security practitioner can identify, analyse and report malicious activities. The course does not assume prior knowledge of forensic investigations, and will cover topics ranging from the basics of digital forensics to malware analysis.

Delivery Mode

Lectures with presentation slides, extensive hands-on group exercises and case studies.

Training Requirements

Participants are required to bring their own notebook.

Course Outline
  • Driving factors behind modern malicious Internet activity
  • Common attack vectors: from remote buffer overflow to Web 2.0
  • Motivations of cyber attackers
  • Botnets as a threat: A tool for Internet crime
  • Botnet creation methods, attack vectors, and trends
  • Hands-on exercises focused on initial infection vectors, propagation, and Botnet functions.
  • Botnet functionality: banking credential theft, spam, phishing, DDoS attacks, proxies, network sniffing, malware hosting, key logging, etc.
  • Create and administer IRC and HTTP Botnets
  • Introduction to Network Forensics
  • Identifying and analyzing botnet activity: Finding Botnet C&Cs and compromised hosts
  • Effectively identify compromised hosts, malicious internet activity, and Botnets using:
      • Intrusion Detection Systems
      • Network Flow Analysis
      • Host-based Monitoring
  • Run and administer IDS, network flow, and host-based monitoring systems
  • Network Forensics: Hands-on Exercises
  • Network traces of common attack vectors
  • Collecting malware using Honeypots to find compromised hosts and Botnets
  • Running server-side and client-side honeypots
  • Malware analysis to investigate malicious activity
  • Introduction to dynamic and static malware analysis
  • Performing dynamic and static malware analysis

Class Venue

Cyberjaya, Selangor

Phone: +603 8322 4622
C-1-02A, CoPlace 2
2260 Jalan Usahawan 1, Cyberjaya, 63000 Cyberjaya, Selangor, Malaysia