Chapter 10 - Incident Handling II

Chapter 10 - Incident Handling II

Course content

Chapter Kick-off

Chapter Kick-off

Section 1

1

lesson

Incident Handling II Chapter Kick-off

Malware Attacks Analysis

Malware Attacks

Section 1

6

lessons

Types of Attacks

Ransomware

Computer Virus

Computer Worm

Trojan Horse

Adware

VirusTotal

Section 2

5

lessons

VirusTotal - Tool Introduction

How Does It Work?

VirusTotal Features

How to Use VirusTotal

Analyzing Indicators

Investigating Malicious Indicators - Scenarios

Section 3

7

lessons

Scenarios Introduction

Malicious File

Suspicious Website

Zeus and Sony Pictures Hack

Analysis Report Template

Writing Effective Cybersecurity Reports

Report Writing Playground

EDR Detection & Analysis

EDR

Section 1

4

lessons

Endpoint Detection & Response

EDR Key Components

EDR Data Collection

EDR In SOC

How Does It Work?

Section 2

4

lessons

EDR Phases

Detection

Triage

Remediation

EDR vs Security Products

Section 3

4

lessons

Differences Between AV and EDR

Differences Between SIEM and EDR

The Importance of EDR

Beyond the Buzzwords

Wazuh

Section 4

6

lessons

How Does It Work?

Wazuh’s Main Capabilities

Security Events

File Integrity Monitoring

Active Response

Vulnerability Detection

Working With Wazuh

Section 5

1

lesson

Ready, Set, Lab! - Wazuh FIM and Active Response

Chapter Closure

Chapter Closure

Section 1

1

exam

Incident Handling II Quiz

10Questions

TechDX