Using file parsing tools, including grep, cut, and awk.
Working with Linux file systems and permissions.
Build command line skills at your own pace.
Learn Linux using an interactive learning environment.
Complete cloud compromise incident response walkthrough.
Applying cloud recovery and remediation following an incident.
Data collection and isolation for compromise assessment.
Essential cloud logging assets for incident response.
Steps for conducting a cloud security incident investigation.
Inspecting malware actions with RegShot and Procmon.
Using snapshot and continuous recording tools.
Assessing attacker malware in a safe test environment.
Build attacker event timelines using non-volatile memory captures.
Using Volatility 3 to investigate malware.
Conducting offline analysis of attacker persistence.
Collecting volatile memory from a compromised host.
Assessing encrypted network traffic with multiple data sources.
Filtering network activity to identify indicators of compromise.
Identifying compromised host beaconing with proxy server logs.
Leveraging Sysinternals for live Windows examinations.
Enumerating Windows auto-start extensibility points.
Correlating network and persistence activity.