FOR500 Course: Windows Forensic Analysis

  • SANS

FOR500 builds comprehensive digital forensics knowledge of Microsoft Windows operating systems, providing the means to recover, analyze, and authenticate forensic data, track user activity on the network, and organize findings for use in incident response, internal investigations, intellectual property theft inquiries, and civil or criminal litigation. Use this knowledge to validate security tools, enhance vulnerability assessments, identify insider threats, track hackers, and improve security policies. Detailed, real-world exercises teach the tools and techniques that every investigator should employ, step by step, to solve a forensic case. Newly updated to cover all Windows versions through Windows 11!

Syllabus

FOR500.1: Digital Forensics and Advanced Data Triage
FOR500.2: Registry Analysis, Application Execution, and Cloud Storage Forensics
FOR500.3: Shell Items and Removable Device Profiling
FOR500.4: Email Analysis, Windows Search, SRUM, and Event Logs
FOR500.5: Web Browser Forensics
FOR500.6: Windows Forensics Challenge
