Cyber Security 235 Basic Network Intrusion Investigations (Mar 2018)

Tuesday Mar 13, 2018 - 08:00am EDT to Friday Mar 16, 2018 - 05:00pm EDT
Event Description: 

This course covers the skills and techniques involved in responding to a network security incident. The course focuses on the identification, extraction, and detailed examination of artifacts associated with network and intrusions. Memory analysis, host machine forensics, network traffic and log analysis, malware analysis, and virtual machine sandboxing are covered through lecture, discussion, and hands-on exercises. Additional topics include key cybersecurity concepts and issues, as well as the various classifications and types of network attacks.

Course structure:

  • Introduction to cybersecurity. Explore the cybersecurity threatscape, the Central Intelligence Agency Triad, and case studies.
  • Network traffic analysis. Learn about the Open Systems Interconnection and Transmission Control Protocol/Internet Protocol models, as well as monitoring, capturing, and parsing artifacts from pcoket capture files.
  • Network attacks. Become familiar with attack types (e.g., insider threat, opportunistic, targeted, advanced persistent threats, blended attacks) and the examination of artifacts from keystroke logger, brute force attack, privilege escalation, remote access, data tampering, data exfiltration, botnet, and distributed denial-of-service attacks.
  • Investigative techniques. Understand live machine triage, the order of volatility, how to capture volatile data, and best practices for data analysis.
  • Hands-on experience. Practice host machine triage, memory analysis, network traffic and log analysis, malware analysis, and virtual machine sandboxing.
ROIC - 2 Schwarzkopf Drive Building 18 - Floor 1
Trenton, NJ 08628-7068
United States
Event Cost Information
Free to Law Enforcement
Space Available: 
24 seats
Organizer Information
Event POC: 
Glenda Humphrey
Event POC Email: 
Event POC Phone: