Companies protect themselves with digital defenses such as firewalls, encryption, and signature/heuristic scanning. Additionally, nations plan attacks by targeting power grids, infiltrating military data centers, and stealing trade secrets from both public and private sectors. In this course, Getting Started with Windows Memory Forensics, you will gain the ability to examine the different compartments of the windows operating system to discover abnormal or malicious behavior. First, you will learn how to examine process memory. Next, you will discover how to identify malicious network connections. Finally, you will explore how to detect code injection and perform memory extraction and analysis. When you are finished with this course, you will have the skills and knowledge of Windows Memory Forensics needed to examine the different compartments of the windows operating system to discover abnormal or malicious behavior.
Course Overview (Music) Hi everyone. My name is Corey Charles, and welcome to my course, Getting Started with Windows Forensics. I'm the CEO and Senior IT Security Consultant DreamVision IT, LLC. This course is an introductory course to Windows memory forensics. Basic knowledge of networking and the Windows operating system is required. Some of the major topics we will cover include, one, examining process memory, two, identifying malicious network connections, three, code injection, and four, memory extraction and analysis. By the end of this course, you will know how to examine the different compartments of the Windows operating system to discover abnormal or malicious behavior. Before beginning the course, you should be familiar with the Windows operating system and basic networking protocols. I hope you will join me on this journey to learn how to forensically investigate the Windows operating system memory, with the Getting Started with Windows Forensic course, at Pluralsight.