While there is undoubtedly a need for deep forensic analysis in the investigation of malware and operating system intrusions, an investigator must first know that there has been an intrusion before that activity can begin. Many organizations rely on technology to perform this task for them, but there is no substitute for a well-trained analyst when it comes to identifying and investigating abnormal behavior on a system.
Live System Analysis teaches students how to identify abnormal activity and investigate a running system that may have been compromised. In this course, students will learn sound methodology coupled with the most useful commands and tools that can be employed during an investigation to reveal significant indicators of infiltration, as well as how to create a system baseline to be used for future analysis. Both the Windows and Linux operating systems are covered in this course. Please note that there is significant overlap between this course and the Windows-only course "Windows System Analysis."
After successfully completing this course, students will be able to: