Course

Course Summary
Credit Type:
Course
ACE ID:
DDCI-0005
Organization's ID:
FIWE
Organization:
DC3 Cyber Training Academy
Length:
2 weeks (80 hours)
Dates Offered:
Credit Recommendation & Competencies
Level Credits (SH) Subject
Upper-Division Baccalaureate 5 computer forensics
Description

Objective:

This course is a scenario-based training in how to conduct a full investigation of a network intrusion in a Windows environment. Students conduct several forensic examinations, analyze log data and network traffic, prepare an executive summary, create an event timeline, and perform malware analysis. Students will learn to determine how an intrusion took place, what material may have been compromised, and what other systems are potentially at risk.

Learning Outcomes:

  • generate a detailed and accurate account of a network intrusion
  • analyze network-based evidence
  • analyze host-based evidence
  • explain how to conduct a lawful network investigation

General Topics:

  • An overview of intrusion investigations
  • How to report
  • Lead generation
  • Network and enterprise analysis
  • Memory forensics
  • Windows systems and application analysis
  • Malware triage
  • Executive summary
  • Remediation recommendations
Instruction & Assessment

Instructional Strategies:

  • Audio Visual Materials
  • Case Studies
  • Classroom Exercise
  • Computer Based Training
  • Discussion
  • Laboratory
  • Lectures
  • Practical Exercises

Methods of Assessment:

  • Examinations
  • Performance Rubrics (Checklists)

Minimum Passing Score:

70%
Supplemental Materials