SANS FOR509 Cloud Forensics and Incident Response (PDF + USB + Videos) 2021 Free Download

SANS FOR509 : Cloud Forensics and Incident Response (PDF + USB + Videos) 2021
English | Tutorial | Size: 5.37 GB

FOR509: Enterprise Cloud Forensics and Incident Response will help you:

Understand forensic data only available in the cloud
Implement best practices in cloud logging for DFIR
Learn how to leverage Microsoft Azure, AWS and Google Cloud Platform resources to gather evidence
Understand what logs Microsoft 365 and Google Workspace have available for analysts to review
Learn how to move your forensic processes to the cloud for faster data processing
With FOR509: Enterprise Cloud Forensics and Incident Response, examiners will learn how each of the major cloud service providers (Microsoft Azure, Amazon AWS and Google Cloud Platform) are extending analyst’s capabilities with new evidence sources not available in traditional on-premise investigations. From cloud equivalents of network traffic monitoring to direct hypervisor interaction for evidence preservation, forensics is not dead. It is reborn with new technologies and capabilities.

Incident response and forensics are primarily about following breadcrumbs left behind by attackers. These breadcrumbs are primarily found in logs. Your knowledge of the investigation process is far more important than the mechanics of acquiring the logs.

This class is primarily a log analysis class to help examiners come up to speed quickly with cloud based investigation techniques. It’s critical to know which logs are available in the cloud, whether they are turned on by default, and how to interpret the meaning of the events they contain.

Numerous hands-on labs throughout the course will allow examiners to access evidence generated based on the most common incidents and investigations. Examiners will learn where to pull data from and how to analyze it to find evil. The data will be available in your VM rather than accessed directly via the cloud to ensure a consistent lab experience.

FOR509 ENTERPRISE CLOUD FORENSICS WILL PREPARE YOUR TEAM TO:

Learn and master the tools, techniques, and procedures necessary to effectively locate, identify, and collect data no matter where it is located
Identify and utilize new data only available from cloud environments
Utilize cloud-native tools to capture and extract traditional host evidence
Quickly parse and filter large data sets using scalable technologies such as the Elastic Stack
Understand what data is available in various cloud environments
FOR509 ENTERPRISE CLOUD FORENSICS COURSE TOPICS

Cloud Infrastructure and IR data sources
Azure Incident Response
AWS Incident Response
Google Workspace Investigations
GCP Incident Response

BUSINESS TAKEAWAYS

Understand digital forensics and incident response as it applies to the cloud
Identify malicious activities within the cloud
Cost-effectively use cloud-native tools and services for DFIR
Ensure the business is adequately prepared to respond to cloud incidents
Decrease adversary dwell time in compromised cloud deployments

Buy Long-term Premium Accounts To Support Me & Max Speed

If any links die or problem unrar, send request to goo.gl/aUHSZc

Leave a Comment Cancel reply