The course
7Safe's most advanced forensics training course introduces delegates to a range of scenarios where traditional computer forensics approaches will fail. This 4 day technical, highly practical course is designed to equip information security specialists with the knowledge and skills to deal effectively with incident response situations. It also gives investigators valuable insight into forensic acquisition under difficult circumstances. Delegates will be guided through a real-world style scenario featuring extensive "hands-on" learning throughout.
Delegates who successfully complete the exam included at the end of the training course will be awarded the Certified Security Incident Specialist (CSIS) qualification.
Course Syllabus 
- Introduction to Incident Response – Identifying an incident and forming a response plan
- Introduction to Investigations – Introducing and exploring the investigation process
- Preparation and Scenarios – Equipment, data security and example incident scenarios
- Information Gathering – Background, sources of data and prioritisation
- Data Preservation – Forensic imaging and cloning, capture environments
- Server Data Storage – Server disk technologies
- Volatile Data – What it is, core dump analysis and live system data
- Capturing Network Data – Domain Controllers, gathering information and virtualisation
- Data Capture – Other Sources – Mail servers, web-mail, Web-sites, Facebook, Linux and Mac
- Tracing System Activity – The registry, user accounts, event logs and connected devices
- Tracing User Activity – Prefetch, link files, shellbags and more
- Malware Analysis – An tested strategy for investigating
- Log File Analysis – IIS and FTP logs, Cygwin
- Databases – SQLite and Firefox artefacts
- Volume Shadow Copies – Using different investigation techniques
- Secure File Deletion – Recycle bins and overwriting data
- Incident Reactions – Containment, remediation, prevention and reporting
Prerequisites
- Principles & general guidelines surrounding forensic investigations
- Experience of carrying out forensic investigations
- A basic computer forensic course, e.g. 7Safe's CFIP course
 Download
PDF
|
Course outline
Read the CSIS Computer Security training course outline to find out more about the many topics covered in CSIS Computer Security Incident Investigation: Hands-On |
Frequently Asked Questions (FAQ)
