Practical: Malware Analysis and Investigations
Offered By: PA Consulting via FutureLearn
Course Description
Overview
Apply investigative methodology to malware
This five-week course will help you put your knowledge from the Digital Forensics and Incident Response (DFIR) Expert Track into practice.
You’ll learn to use investigation methodology in the context of malware to understand the practical steps to take to prevent a malware attack.
By exploring different analysis environments, you’ll learn how to set up the right kind of environment in order to extract the most information about the malicious software.
Learn how to detect network connections and collect network traffic
Malware is typically delivered over a network, so an understanding of network connections is vital in helping you prevent an attack.
You’ll explore practical methods to find malware connectivity, as well as the importance of collecting network traffic – the amount of data moving across a computer network.
Explore volatile vs static analysis
You’ll identify different types of malware analysis, such as volatile and static, to further your understanding of malware and the impact it can have on a system.
You’ll learn how to find suspect processes and files, and how to discover malware persistence mechanisms to help you remove malware as quickly and effectively as possible, should an attack occur.
By the end of the course, you’ll feel confident in applying your knowledge to practical situations to further your skills as a digital forensic investigator or cyber security incident responder.
This course is designed for anyone who has completed the Digital Forensics and Incident Response (DFIR) Expert Track.
It will help you gain an understanding of malware analysis to help protect your organisation from an attack.
Syllabus
- Practical Malware Investigations
- ExpertTrack Courses
- Welcome to the course
- Week one introduction
- Quiz - Let's test your cyber knowledge
- Malware states
- Analysis environments
- Investigation methodology
- End of week test
- How to find malware connectivity
- Week two introduction
- Ports (Malware connectivity)
- End of week two
- How to find suspect processes
- Week three introduction
- Malicious processes
- End of week three
- How to find suspect files
- Week four introduction
- Finding suspect files
- End of week
- How to find malware persistance
- Week five introduction
- Malware persistance
- End of week five
Taught by
Jim Metcalfe
Related Courses
AWS Cloud Quest: NetworkingAmazon Web Services via AWS Skill Builder AWS Network – Monitoring and Troubleshooting
Amazon Web Services via AWS Skill Builder AWS Security Traffic Monitoring and Packet Analysis
Amazon Web Services via AWS Skill Builder AWS SimuLearn: Analyzing Network Traffic
Amazon Web Services via AWS Skill Builder AWS SimuLearn: VPC Flow Logs Analysis Dashboards
Amazon Web Services via AWS Skill Builder