[Update Links] SANS FOR608: Enterprise-Class Incident Response & Threat Hunting (PDF/USB) (2022)

English | Size: 87.62 GB
Genre: eLearning

FOR608: Enterprise-Class Incident Response & Threat Hunting focuses on identifying and responding to incidents that are too large to handle by focusing on individual machines. Using example tools built to operate at enterprise-class scale, students learn techniques for collecting focused data for incident response and threat hunting. They also dig into analysis methodologies, learning multiple approaches to understanding attacker movement and activity across hosts of varying functions and operating systems.

FOR608: Enterprise-Class Incident Response & Threat Hunting will teach you to:

Understand when incident response requires in-depth host interrogation or light-weight mass collection
Deploy collaboration and analysis platforms that allow teams to work across rooms, states, or countries simultaneously
Collect host- and cloud-based forensic data from large environments
Discuss best practices for responding to Azure, M365, and AWS cloud platforms
Learn analysis techniques for responding to Linux and Mac operating systems
Analyze containerized microservices such as Docker containers
Correlate and analyze data across multiple data types and machines using a myriad of analysis techniques
Conduct analysis of structured and unstructured data to identify attacker behavior
Enrich collected data to identify additional indicators of compromise
Develop IOC signatures and analytics to expand searching capabilities and enable rapid detection of similar incidents in the future
Track incidents and indicators from beginning to end using built-for-purpose incident response engagement tooling