Incident Response: Host Analysis
Offered By: Pluralsight
Course Description
Overview
Walking into an incident response situation can be intimidating. This course will teach you how to analyze the endpoint traffic, perform memory dump analysis, and begin to piece together the story of what happened.
In an incident response scenario, gathering artifacts for analysis can be stressful. In this course, Incident Response: Host Analysis, you'll learn how to analyze host artifacts in a compromised environment. First, you'll evaluate an endpoint to determine root cause of an incident. Next, you'll perform memory dump analysis to look for volatile artifacts. Finally, correlate connection logs and extract addition artifacts to determine the incident's full scope. When you're finished with this course, you'll have the skills necessary to operate as an incident response host analyst and understand how to synchronize with the other phases of incident response.
In an incident response scenario, gathering artifacts for analysis can be stressful. In this course, Incident Response: Host Analysis, you'll learn how to analyze host artifacts in a compromised environment. First, you'll evaluate an endpoint to determine root cause of an incident. Next, you'll perform memory dump analysis to look for volatile artifacts. Finally, correlate connection logs and extract addition artifacts to determine the incident's full scope. When you're finished with this course, you'll have the skills necessary to operate as an incident response host analyst and understand how to synchronize with the other phases of incident response.
Syllabus
- Looking for Root Cause 28mins
- Memory Dump Analysis 20mins
- Deploy Host Agents 19mins
- Analyze Malicious Office Document 13mins
- Log Connections - Lateral Movement 16mins
Taught by
Aaron Rosenmund
Related Courses
Working with Memory Dumps and Debugging Using Sysinternals ToolsPluralsight Operating System Forensics
LinkedIn Learning Hunting Linux Malware for Fun and Flags
RSA Conference via YouTube Scraping Leaky Browsers for Fun and Passwords
BruCON Security Conference via YouTube Remote Windows Kernel Exploitation - Step Into the Ring 0
Black Hat via YouTube