SANS FOR508: Advanced Digital Forensics and Incident Response
Size: 56.60 Gb Type: Tutorial

SANS 508 ver 2014 DVD, includes all necessary tools.

FOR508: Advanced Digital Forensics and Incident Response will help you determine:

How the breach occurred
Compromised and affected systems
What attackers took or changed
Incident containment and remediation


DAY 0: A 3-letter government agency contacts you to say critical information was stolen through a targeted attack on your organization. They won't tell how they know, but they identify several breached systems within your enterprise. An Advanced Persistent Threat adversary, aka an APT, is likely involved - the most sophisticated threat you are likely to face in your efforts to defend your systems and data.

Over 80% of all breach victims learn of a compromise from third-party notifications, not from internal security teams. In most cases, adversaries have been rummaging through your network undetected for months or even years.

Incident response tactics and procedures have evolved rapidly over the past several years. Data breaches and intrusions are growing more complex. Adversaries are no longer compromising one or two systems in your enterprise; they are compromising hundreds. Your team can no longer afford antiquated incident response techniques that fail to properly identify compromised systems, provide ineffective containment of the breach, and ultimately fail to rapidly remediate the incident.

This in-depth incident response course provides responders with advanced skills to hunt down, counter, and recover from a wide range of threats within enterprise networks, including APT adversaries, organized crime syndicates, and hacktivism. Constantly updated, the incident response course (FOR508) addresses today's incidents by providing hands-on incident response tactics and techniques that elite responders are successfully using in real-world breach cases.

A hands-on enterprise intrusion lab - developed from a real-world targeted APT attack on an enterprise network and based on how an APT group will target your network - leads you through the challenges and solutions via extensive use of the SANS SIFT Workstation collection of tools.

During the intrusion lab exercises, you will identify where the initial targeted attack occurred and lateral movement through multiple compromised systems. You will extract and create crucial cyber threat intelligence that can help you properly scope the compromise and detect future breaches.

During a targeted attack, an organization needs the best incident response team in the field. FOR508: Advanced Digital Forensics and Incident Response will train you and your team to respond, detect, scope, and stop intrusions and data breaches.

Course Contents
FOR508.1: Enterprise Incident Response
FOR508.2: Memory Forensics in Incident Response
FOR508.3: Timeline Analysis
FOR508.4: Deep Dive Forensics And Anti-Forensics Detection
FOR508.5: Adversary and Malware Hunting
FOR508.6: The APT Incident Response Challenge
