
Cybersecurity: Digital Forensics, Incident Response and Threat Hunting

Course Description

Dive into the world of cyber investigations with our comprehensive 40-hour Digital Forensics & Incident Response training. Designed for cybersecurity professionals, IT administrators, law enforcement personnel, and IT students, this hands-on program covers everything from incident response fundamentals to advanced malware analysis and threat intelligence. Gain practical skills in collecting, preserving, and analyzing digital evidence to respond effectively to cyberattacks.

By the end of this 40-hour program, participants will be able to:

  • Respond effectively to cyber incidents using industry-standard protocols
  • Collect, preserve, and analyze digital evidence from hosts and networks
  • Conduct forensic imaging, memory, and storage analysis
  • Generate detailed forensic reports
  • Analyze malware and integrate threat intelligence into defensive strategies


Course Curriculum

Objectives:

Understand the phases of the incident response lifecycle and how to manage cyber incidents efficiently.

Learn the foundational framework for responding to security breaches, from preparation and detection to containment, eradication, and recovery. This module sets the stage for real-world incident handling and team coordination.

Objectives:

Grasp the core principles of digital forensics and legal requirements for evidence handling.

Explore the essentials of forensic science applied to digital systems, including chain of custody, integrity preservation, and compliance with legal standards for court-admissible findings.

Objectives:

Master techniques for capturing and analyzing network-based digital evidence during cyber incidents.

Discover how to gather logs, traffic captures, and session data from firewalls, IDS/IPS, and network devices to reconstruct attack timelines and identify malicious activity.

Objectives:

Learn how to extract forensic data from compromised host machines without altering critical evidence. Perform accurate disk imaging and verification for digital forensic analysis.

Acquire live forensic techniques to collect volatile and non-volatile data from endpoints, ensuring forensic soundness and system integrity for investigation and legal proceedings. Use industry-standard tools like FTK Imager and LinEn to create bit-for-bit copies of storage media, ensuring admissibility and reliability in investigations and court cases.

Objectives:

Examine network traffic and logs to detect patterns, anomalies, and indicators of compromise (IOCs).

Analyze packet captures (PCAPs), log files, and flow data using tools like Wireshark and Splunk to uncover attacker behavior and lateral movement across networks.

Objectives:

Extract and interpret volatile memory to uncover hidden threats and runtime artifacts.

Conduct memory forensics using tools like Volatility to detect rootkits, process injections, and other malicious activities that leave no trace on disk.

Investigate file systems and deleted data to recover forensic artifacts and user activity trails.

Perform deep-dive analysis of hard drives, SSDs, and USB devices to recover deleted files, examine file metadata, and analyze system logs for investigative insights.

Objectives:

Leverage threat intelligence to anticipate, detect, and respond to evolving cyber threats.

Integrate open-source and commercial threat feeds into your security operations. Learn to map adversaries using frameworks like MITRE ATT&CK and STIX/TAXII for proactive defense.

Objectives:

Produce clear, professional, and legally compliant forensic reports for internal and external stakeholders.

Develop structured reporting skills using standardized templates and best practices to present technical findings in an understandable and defensible format.

This Course Fee:

2000 Dt

Course includes:
  • Level: Beginner
  • Duration: 40 H
  • Lessons: 11
  • Quizzes: 11
  • Certifications: Yes