Dates: December 7th and 8th
This course focuses on four core investigative competencies: endpoint data collection, investigative triage, incident response pivots, and root cause analysis.
- Gain fundamental knowledge of modern Windows and Linux host artifacts.
- Explain logical investigative workflows for host pivoting, data collection, and analysis.
- Develop an understanding of use cases for incident response host pivots and root cause analysis.
- Develop host triage collection and analysis skills for effective investigations of Windows and Linux systems.
- Properly identify file system, OS, and memory artifacts to support timeline creation and attack path reconstruction.
- Build deductive reasoning and investigative prowess through hands-on exercises built around real-world scenarios.