EXWF

Windows Forensics

Advanced incident response & investigation in Windows environment is a course for upskilling and improving Incident response, investigation, and forensics skills in Windows environment. It is just the right one for experienced cybersecurity and IT teams.

40 Hours

Cloud Environment

Instructor Led

Virtual Labs & Simulation

Improve student capabilities, skills, and knowledge regarding cyber security investigations and forensics in a Microsoft Windows OS environment. Students will experience "Cutting edge" methods, procedures, technology, and tools that should be executed during investigation and will lead to an efficient, more accurate and beneficial investigation on the way to mitigate and prevent similar future threats and damage.
WHO IS IT FOR
SOC IR & Forensics Teams
Law Enforcements Experts
Cyber Practitioners
Network Defenders
IT Network Engineers
Experienced IT Teams
STEM Master's Students
GOALS
Become acquainted with various key concepts of Windows forensics
Become familiar with tools and concepts
Become familiar with procedures, processes, and workflows.
Find, collect, and perform Forensics Investigation of digital evidence
Learning to identify, extract and investigate common artefacts in Windows (including USB, Filesystem, Browsers, Registry, etc.)
Requirements
A few Year's experience in IT\Cyber
  • Introduction to Digital Forensics
  • Evidence Acquisition and Artifacts Extraction
  • Memory Forensic
  • File and Metadata Analysis
  • Core Windows Forensics – Part I
  • Introduction to the Most Common Artifacts of Windows
  • Windows Registry Forensics and Analysis
  • USB Devices and External Connections
  • Windows Shell Items
  • Timestamps
  • JumpLists
  • Email Forensics
  • Event Log Analysis
  • Additional Key Artifacts
  • Web Browser Forensics
  • Manual Forensics CTF
  • Automatic Forensics CTF
  • Cleanup
  • Writing Report for Digital Forensics
  • Overview/Case Summary
  • Forensic Acquisition & Exam Preparation
  • Findings and Report

25 Hours of hands-on activities

Total amount of practical experience during this course.

Contact Us