YoVDO

Incident Response: Host Analysis

Offered By: Pluralsight

Tags

Incident Response Courses Memory Dump Analysis Courses

Course Description

Overview

Walking into an incident response situation can be intimidating. This course will teach you how to analyze the endpoint traffic, perform memory dump analysis, and begin to piece together the story of what happened.

In an incident response scenario, gathering artifacts for analysis can be stressful. In this course, Incident Response: Host Analysis, you'll learn how to analyze host artifacts in a compromised environment. First, you'll evaluate an endpoint to determine root cause of an incident. Next, you'll perform memory dump analysis to look for volatile artifacts. Finally, correlate connection logs and extract addition artifacts to determine the incident's full scope. When you're finished with this course, you'll have the skills necessary to operate as an incident response host analyst and understand how to synchronize with the other phases of incident response.

Syllabus

  • Looking for Root Cause 28mins
  • Memory Dump Analysis 20mins
  • Deploy Host Agents 19mins
  • Analyze Malicious Office Document 13mins
  • Log Connections - Lateral Movement 16mins

Taught by

Aaron Rosenmund

Related Courses

Working with Memory Dumps and Debugging Using Sysinternals Tools
Pluralsight
Operating System Forensics
LinkedIn Learning
Hunting Linux Malware for Fun and Flags
RSA Conference via YouTube
Scraping Leaky Browsers for Fun and Passwords
BruCON Security Conference via YouTube
Remote Windows Kernel Exploitation - Step Into the Ring 0
Black Hat via YouTube