Many organizations rely on technology to perform anomaly detections and investigations. But when it comes to identifying and investigating abnormal behavior on a system, there is no substitute for a well-trained analyst. Windows System Analysis teaches students how to identify abnormal activity and investigate a running system that may have been compromised. In this course, students will learn the most useful commands, tools, and techniques that can be employed during an investigation to reveal significant indicators of infiltration and how to create a system baseline for future analysis. This course is primarily focused on the Windows 10 operating system, but includes many tools and techniques that also apply to Windows 7 and more recent versions of the Windows Server.
This class is 70% hands-on and 30% classroom instruction, and culminates in a capstone exercise where students are tasked with identifying and investigating compromised systems within a virtual network environment.
After successfully completing this course, students will be able to: