Windows 10 DFIR and InfoSec Challenges

BSidesLV via YouTube

Overview

This course covers Windows 10 Digital Forensics and Incident Response (DFIR) as well as Information Security (InfoSec) challenges. By the end of the course, learners will be able to understand Windows as a Service (WAAS), track artifacts of program execution, enforce signed drivers, isolate credentials, analyze memory compression, and work with encrypted KDBG. The teaching method includes discussing various Windows 10 features, challenges, and tools. This course is intended for individuals interested in Windows 10 DFIR, InfoSec challenges, and memory analysis.

Syllabus

Intro
Windows 10 is the LAST Version of Windows
Windows as a Service (WAAS) Definitions
ActivitiesCache.db
System Resource Usage Monitor (SRUM)
Tracking Artifacts of Program Execution
Signed Driver Enforcement
Virtual Secure Mode (VSM/VBS)
Credential Isolation
CG Prevents Cached Credential Harvesting
VSM and Acquisition Tools
Required Setup for Testing Acquisition Tools
Hibernation Files
Modern Hibernation Files Pain
Gathering Encryption Keys
Analysis without Encryption Keys
Memory Compression Challenges
Memory Compression Analysis
Swapfile.sys
Encrypted KDBG & Volatility: Starting with Windows the critical KDBG structure is encrypted in memory
Volatility Underscore Profiles
Questions/Comments?

Taught by

BSidesLV
