MMSCYBER001: Advanced Computer Forensics (3 Days)

Course Description

As cybercrime continues to be a huge threat in modern technology, it is extremely important to be versatile and responsive when threats occur in your cyber environment. This Advanced Forensics course is designed to cover the 360 lifecycle process of how to identify and manage breaches, collect evidence and manage threats.

This accelerated program should be taken by users who are interested in the Computer Forensics industry and want to expand their knowledge of complex technical methodologies and IT law. This training course covers both Windows and Linux operating systems, along with a wide variety of topics including securing communications with encryption and cryptography, different types of forensics, the fundamentals of data structures, processes in memory, networking and operating system services, and more.

With an eye to law enforcement and first responders, this course will cover capturing and extracting data correctly, and making sense of what happened and who was responsible. Students will understand how to correctly collect evidence and present their findings. Participants will master the strategies and procedures needed to efficiently resist any form of threat.

After completing this course, students will be able to:

  • Manage a breach and recognize the legalities behind it
  • Understand Anti-Forensics Using Cryptography
  • Acquire the Fundamentals of Memory Forensics
  • Examine Windows Services
  • Collect Evidence
  • Hunt Malware in Process Memory
  • Analyze Windows Process Management
  • Acquire Skills for Linux Forensics

 

Course Outline

Module One: Breaches

  1. What Constitutes an Incident
  2. What Constitutes a Breach
  3. Preserving Evidence of Cyber Crime
  4. Managing a Breach
  5. Legal Issues

Module Two: Anti-Forensics

  1. Anti-Forensics Overview
  2. Secure Communication
    1. Cryptography

Module Three: Memory Forensics

  1. Operating Systems Concepts
  2. Fundamentals of Data Structures
  3. The Volatility Framework
  4. Memory Acquisition
    1. Software Tools

Module Four: Windows Memory Forensics

  1. Windows Objects and Pool Allocation
  2. Windows Process Management
  3. Process Memory Internals
  4. Hunting Malware in Process Memory
  5. Event Logs
  6. Registry in Memory
  7. Windows Networking and Services
  8. Windows Services
  9. Kernel Forensics and Rootkits

Module Five: Linux Memory Forensics

  1. Linux Memory Acquisition
  2. Linux Operating System
  3. Processes and Process Memory
  4. System Artifacts
  5. File Management
  6. Log Analysis
  7. Rootkits
  8. Case Study of Phalanx2

Module Six: Collecting Evidence

  1. Search and Seizure
  2. Chain of Custody
  3. Admissibility of Evidence in a Court of Law
  4. Leave No Trace
  5. Common Tasks
  6. Capturing the Data Image
  7. Cloning
  8. Log Files

Module Seven: Network Forensics

  1. Network Basics
  2. Network Security Tools
  3. Network Attacks
  4. Seek and Destroy
  5. Incident Response
  6. Network Evidence and Investigation

Module Eight: Future Challenges

  1. Future Challenges
  2. Mac Memory Forensics
  3. Cloud Forensics
  4. Mobile Device Forensics