FOR MORE INFORMATION ABOUT THIS COURSE REGISTER FOR UPDATES HERE
Linux powers a vast range of business-critical systems across
the globe. From webservers to database platforms, to network hardware to security
appliances, Linux can often be found “under the hood” making sure the system
just keeps working. Authored by SANS Instructor Tarot (Taz) Wake, the new FOR577: Linux Incident Response & Analysis course currently in development, gives incident responders and forensic
investigators the knowledge they need to understand how Linux systems work, how
attackers compromise environments and how to respond and investigate in an
effective manner.
FOR577 – Linux Incident Response and Analysis course will help you understand:
- The common Linux distributions in use today.
- The incident response cycle and its relationship to threat intelligence and threat hunting on Linux platforms.
- Common attacker tools, techniques and procedures used by advanced threat actors to compromise Linux systems in modern environments.
- Attacker anti-forensic techniques and how to combat them.
- Linux filesystems and timestamps.
- How user interaction changes data within Linux.
- Evidence collection from Linux platforms.
- Key logs application logs, essential to DFIR investigations.
- Triage collection techniques to speed up the incident response process.
- Techniques for using live response tools to facilitate investigations.
- Key actions to significantly improve security protections & facilitate effective incident response.
FOR MORE INFORMATION ABOUT THIS COURSE REGISTER FOR UPDATES HERE
