Incident Response and Advanced Forensics

Course
Time
7 hours 36 minutes
Difficulty
Advanced
CEU/CPE
7
Create Free Account

Video Description

This lesson covers volatile memory capture. There are numerous programs to accomplish this; some of the well-known ones are: · FTK Imager · DumpIT · Mandiant Redline The best practice is to use removable media with installed software, which captures virtual memory while not adding files which causes valuable data to be overwritten. After the data is collected; the following takes place: · Disk encryption · Forensic imagining · Volatile memory analysis · Analysis of data Reporting

Up Next

10:41
Part 9 - Forensics in Support of Incident Response
09:27
Part 10 - Formatting a disk for Incident Response
09:01
Part 11 - Using the FTK Imaging Software
08:24
Part 12 - The Forensic Acquisition of Data from a PC
10:41
Part 13 - Navigating the H Drive

Incident Response and Advanced Forensics

In this course, you will gain an introduction to Incident Response, learn how to develop three important protection plans, perform advanced forensics on the incident, deep dive into insider and malware threats, and commence incident recovery.

Instructed By

Instructor Profile Image
Max Alexander
VP, Cybersecurity Incident Response Planning at JPMorgan
Instructor