Apply investigative methodology to malware
This five-week course will help you put your knowledge from the Digital Forensics and Incident Response (DFIR) Expert Track into practice.
You’ll learn to use investigation methodology in the context of malware to understand the practical steps to take to prevent a malware attack.
By exploring different analysis environments, you’ll learn how to set up the right kind of environment in order to extract the most information about the malicious software.
Learn how to detect network connections and collect network traffic
Malware is typically delivered over a network, so an understanding of network connections is vital in helping you prevent an attack.
You’ll explore practical methods to find malware connectivity, as well as the importance of collecting network traffic – the amount of data moving across a computer network.
Explore volatile vs static analysis
You’ll identify different types of malware analysis, such as volatile and static, to further your understanding of malware and the impact it can have on a system.
You’ll learn how to find suspect processes and files, and how to discover malware persistence mechanisms to help you remove malware as quickly and effectively as possible, should an attack occur.
By the end of the course, you’ll feel confident in applying your knowledge to practical situations to further your skills as a digital forensic investigator or cyber security incident responder.
This course is designed for anyone who has completed the Digital Forensics and Incident Response (DFIR) Expert Track.
It will help you gain an understanding of malware analysis to help protect your organisation from an attack.
