Online Cyber First Responder Class
Cybersecurity first responders need to react quickly to identify data breaches and minimize potential losses. Make sure that your evidence is properly preserved in those first critical minutes after detection. This intensive online seminar will teach you the fundamentals of incident response and digital forensic acquisition, including incident planning, detection, and communications; chain-of-custody and evidence preservation fundamentals; volatile memory acquisition, hard drive imaging, and network-based evidence acquisition.
Get hands-on experience taking a forensics image, preserving volatile memory, and capturing network traffic. Participate in an Incident Response tabletop exercise. Designed for staff that are responsible for triage, evidence preservation and incident response. Bring your caffeine and be ready!
Who Should Take This Course
- IT staff tasked with responsibility for detecting and triage of incidents on computer systems
- Incident response team members who are involved in responding to data breaches
- Help Desk staff that may be the first point of contact for reports of suspicious activity
- Anyone with a general technical background who might be asked to respond to a suspected cybersecurity incident
What You’ll Receive
- LMG’s downloadable Kali Linux VM, configured with digital forensics tools
- Lab workbook
- Sample Incident Response Policies
- Linux command line cheat sheet
- A laptop capable of running virtual machines with at least:
4GB of RAM
5GB of available disk space o 1 USB port (2 is better!)
- A USB larger than the amount of RAM in your computer
8GB-32GB preferred. 128GB is too big
Data on drive will be overwritten!
- VMWare installed (trial version of Workstation or Fusion - https://www.vmware.com/try-vmware.html)
- FTK Imager Lite Downloaded (https://accessdata.com/product-download/ftk-imager-lite- version-3.1.1)
- General familiarity with Linux (http://sites.tufts.edu/cbi/files/2013/01/linux_cheat_sheet.pdf)