FoxAcademy: First Responder Training


Purpose

A cyber incident and the subsequent response process are often complex and challenging. Even with external experts acting as your incident response team, employees in your organisation play a vital role in the efficiency of the incident response efforts. Nobody knows the infrastructure better than your own administrators and security personnel, and this is exactly why even the world’s best incident response teams try to leverage this inside knowledge. However, most IT staff are not familiar with the factors that play a role during a cyber crisis, nor with the technical and procedural aspects that pop up along the way.

This training gives your IT and security staff an understanding of incident response, data collection, and initial triage and analysis. By educating your staff on these subjects in this short one-day training, you make sure that while the real experts are on their way, your own personnel are able to act efficiently and correctly in case of an IT security incident. FoxAcademy’s First Responder training is created for organisations that want to improve their incident response and digital forensics. After the training, participants will know what (not) to do, so that no relevant traces are lost due to inexperience.

Goals

  • To understand decisive factors that play a role in incident response
  • To learn the basic forensic principles and how to act on those
  • To learn how to handle compromised systems and collect relevant data from them
  • To be able to perform basic triage for incidents
  • How do attackers and malware work?
    • The kill chain
    • Common malware types
  • Incident response lifecycle
  • Basic principles of digital forensics
    • Evidence handling
    • Chain of custody
    • Hashing and data integrity
  • Data collection from hosts and network
    • Forensic imaging & memory dumps
    • Network traffic captures
    • Enterprise data collection
  • Live data collection and triage
    • Collecting volatile data from live systems
    • Leveraging rapid analysis for incident triage
  • Basic forensic analysis
    • Log analysis
    • Malware hunting
    • Timeline analysis