This course helps the students to use the features and functions of RSA NetWitness Platform to to respond to and investigate incidents. This course is for Level 1 and Level 2 analysts relatively new to RSA NetWitness Platform, who wish to increase their familiarity with the tool’s features and functions within the context of incident response and analysis. Students should have familiarity with the basic processes of cybersecurity forensic analysis, including some knowledge of network architecture, the TCP/IP stack, networking protocols, and integrating log & network traffic to perform analysis on network-based security events. Students should have taken the Foundation course prior to this course.
Upon successful completion of this course, participants should be able to:
•Describe SOC roles and models
•Describe the Investigative Methodology
•Identify types of incidents
•Describe the Incident Response process
•Use analysis tools and techniques to investigate an incident
•Document the incident
•Use the incident response process and tools to investigate an incident using packets
•Use the incident response process and tools to investigate an incident using logs
•Use the incident response process and tools to investigate an incident using packets and endpoint
•Use the incident response process and tools to investigate an incident using logs, packets and endpoint
Learn how to hack both WiFi and wired networks like black hat hackers, and learn how to secure them from these attacks.
4.8
★★★★★ 4.8/5
54,905 students
