  • Classroom
  • Online, Instructor-Led
Course Description

Participants will do the following:

  • Architect an infrastructure that allows for methodical investigation and remediation
  • Develop leads, identify indicators of compromise, and determine incident scope
  • Collect and preserve live data
  • Perform forensic duplication
  • Analyze data from networks, enterprise services, and applications
  • Investigate Windows and Mac OS X systems
  • Perform malware triage
  • Write detailed incident response reports
  • Create and implement comprehensive remediation plans

Learning Objectives

In this course, students will learn to architect an infrastructure that allows for methodical investigation and remediation; develop leads, identify indicators of compromise, and determine incident scope; collect and preserve live data; perform forensic duplication; analyze data from networks, enterprise services, and applications; investigate Windows and Mac OS X systems; perform malware triage; write detailed incident response reports; and create and implement comprehensive remediation plans.

Framework Connections

The materials within this course focus on the Knowledge, Skills, and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.