Lesson objectives help students become comfortable with the course, and also provide a means to evaluate learning. Upon successful completion of this course, students will be able to:
· Establish threat intelligence and key learning points to support proactive profiling and scenario modeling
· Detect anti-forensic methods
· Perform post-intrusion analysis of electronic and digital media to determine the who, where, what, when, and how of the intrusion
· Extract and analyze logs from various sources such as proxies, firewalls, IPS, IDS, desktops, laptops, servers, SIM tools, routers, switches, AD servers, DHCP logs, and access control logs, and draw conclusions as part of the investigation process
· Identify and check the possible source or origin of the incident
· Recover deleted files and partitions in Windows, Mac OS X, and Linux
· Conduct reverse engineering for known and suspected malware files
· Collect data using forensic technology methods in accordance with evidence handling procedures, including collection of hard copy and electronic documents