Performing Incident Response in a Windows Environment

CybrScore's Performing Incident Response in a Windows Environment lab is premium lab aimed to prepare the student to take on the role as the lead incident responder on a sysadmin team. This will be done by the use of incident response methodologies to determine what happened, identify any malicious files found on the system, and take the appropriate steps to resolve any discovered issues. CybrScore's Performing Incident Response in a Windows Environment lab is premium lab teaches students how to conduct an initial examination of the Windows 8 machine. The student will also investigate any critical system modifications and determine whether or not a virus was installed on the machine.

Upon successful completion of CybrScore's Performing Incident Response in a Windows Environment lab, the student will be able to take on the role of a lead incident responder on a sysadmin team. The student will be able to conduct an initial examination of a Windows machine, thoroughly investigate any critical system modifications, and utilize VirusTotal.com to verify potential bad files and resolve the incident. CybrScore's Performing Incident Response in a Windows Environment lab takes approximately 1 to 2 hours to complete for most students.

In CybrScore's Performing Incident Response in a Windows Environment lab, students will learn how to conduct an initial examination by walking the student through the steps needed to identify what happened, or what is happening, and whether the machine is actually compromised.

In CybrScore's Performing Incident Response in a Windows Environment lab, students will learn how to analyze suspicious files. By performing some analysis on the files to see if they can verify the incident and determine what all the program does.

In CybrScore's Performing Incident Response in a Windows Environment lab, students will conduct post-verification stages. After confirming that malware is present, the student will perform a set of steps to determine if the system is salvageable; limit the damage to the infected system; re-mediate the system and then perform any wrap-up actions needing completion (documentation, reports, etc.). CybrScore's Performing Incident Response in a Windows Environment lab will briefly walk the student through identifying common procedures to perform after verifying an incident has occurred.

CybrScore's Performing Incident Response in a Windows Environment lab is presented by Cybrary and was created by CybrScore. CybrScore is a fully immersive, experience-based, hands-on training catalog designed to help people to learn security, by doing. This continuously evolving suite of hands-on labs will teach security professionals how to become efficient and effective at conducting security tasks. CybrScore's Performing Incident Response in a Windows Environment lab provides that persistent training, with the analytics and reporting (via Cybrary) to ensure that you and your teams are continually improving. This lab is quick to perform, up to date and fun to interact with.

Completion of CybrScore's Performing Incident Response in a Windows Environment lab means that the student has demonstrated the ability able to take on the role of a lead incident responder on a sysadmin team. The student will be able to conduct an initial examination of a Windows machine. Thoroughly investigate any critical system modifications. Use incident response methodologies to determine what happened, identify any malicious files found on the system, and take the appropriate steps to resolve any discovered issues.

Click the launch button to start the lab.