Incident Response: Host Analysis

Walking into an incident response situation can be intimidating. This course will teach you how to analyze the endpoint traffic, perform memory dump analysis, and begin to piece together the story of what happened.

In an incident response scenario, gathering artifacts for analysis can be stressful. In this course, Incident Response: Host Analysis, you'll learn how to analyze host artifacts in a compromised environment. First, you'll evaluate an endpoint to determine root cause of an incident. Next, you'll perform memory dump analysis to look for volatile artifacts. Finally, correlate connection logs and extract addition artifacts to determine the incident's full scope. When you're finished with this course, you'll have the skills necessary to operate as an incident response host analyst and understand how to synchronize with the other phases of incident response.

• Looking for Root Cause 28mins
• Memory Dump Analysis 20mins
• Deploy Host Agents 19mins
• Analyze Malicious Office Document 13mins
• Log Connections - Lateral Movement 16mins