Preparing for and Executing Incident Recovery
Whenever an incident happens, you have to figure out the “Who, What, Where, When”. This course will help you understand how to conduct an investigation, eradicate the incident and how to build out your own CSI (Cyber-Security Investigator) Jump-Bag.
What you'll learn
Cybersecurity investigations are used to determine what events, changes, and other actions have happened on a device, who or what performed them, and what data is stored there. In this course, Preparing for and Executing Incident Recovery, you'll leanr how to conduct an investigation, eradicate the incident and how to build out your own CSI (Cyber-Security Investigator) Jump-Bag. First you'll learn how to be ready to conduct your own forensic investigations. Next, you'll learn what computer forensic techniques are used in a variety of scenarios, including police investigations, system misuse, compromise and malware analysis, and investigations related to internal policy violations. Then, you'll learn about how to create your own forensics kit, their contents, and the use of these devices and tools. Finally, you'll be shown some forensic suites and tools that provide you what you'll need to capture and preserve forensics data and to perform forensic investigations. By the end of this course, you will have discovered and developed new skills to tackle many cyber-security scenarios.
Table of contents
- What You're Going to Learn 5m
- Let's Define Computer Forensics 6m
- The Objectives of Forensic Analysis 3m
- Forensic Readiness 3m
- Types of Forensics 4m
- The Who's-who of Forensics 5m
- The Forensic Process 4m
- Where Do You Find Evidence? 3m
- How to Collect Electronic Evidence 5m
- Even MORE Forensics 3m
- What You Learned 1m