Incident Response Basics
In this hands-on lab, you will learn the basics of Incident Response, including its role in a security program and its major phases. You will practice using incident response tools on a live system to capture memory and essential system files for further investigation.

Course Content
Upon completing this lab, you should be able to:
- Define "Incident Response".
- Identify the major phases of the Incident Response Lifecycle.
- Use DumpIt and FTK Imager to perform memory capture on a victim system.
- Use gkape to capture and parse essential system files on a victim system.