Incident Response

Section 1: Incident Handling Overview (Completed)

00- Course Introduction

34:51
01.1- Incident Handling Process – Part 1

45:59
01.2- Incident Handling Process – Part 2

01:13:33
01.3- Incident Handling Process – Part 3

01:07:02
01.4- Incident Handling Process – Part 4 (Enterprise Wide Incident Response GRR Lab)

01:22:48
01.5- Incident Handling Process – Part 5 (Enterprise Wide Incident Response Velociraptor Lab)

26:11

محتوى الدورة

Section 1: Incident Handling Overview (Completed)

00- Course Introduction

01.1- Incident Handling Process – Part 1

01.2- Incident Handling Process – Part 2

01.3- Incident Handling Process – Part 3

01.4- Incident Handling Process – Part 4 (Enterprise Wide Incident Response GRR Lab)

01.5- Incident Handling Process – Part 5 (Enterprise Wide Incident Response Velociraptor Lab)

Section 2: Network Traffic & Flow Analysis (Completed)

02.1- Intrusion Detection by Analyzing Traffic Module 1 – Part 1

02.2- Intrusion Detection by Analyzing Traffic Module 1 – Part 2

02.3- Intrusion Detection by Analyzing Traffic Module 1 – Part 3

02.4- Intrusion Detection by Analyzing Traffic Module 1 – Part 4

03.1- Intrusion Detection by Analyzing Traffic Module 2 – Part 1

03.2- Intrusion Detection by Analyzing Traffic Module 2 – Part 2

03.3- Intrusion Detection by Analyzing Traffic Module 2 – Part 3

03.4- Intrusion Detection by Analyzing Traffic Module 2 – Part 4

03.5- Intrusion Detection by Analyzing Traffic Module 2 – Part 5 (Suricata Fundamentals Lab)

03.6- Intrusion Detection by Analyzing Traffic Module 2 – Part 6 (Effectively Using Suricata Lab)

03.7- Intrusion Detection by Analyzing Traffic Module 2 – Part 7 (Effectively Using Bro Lab)

03.8- Intrusion Detection by Analyzing Traffic Module 2 – Part 8 (Effectively Using Snort Lab)

04.1- Intrusion Detection by Analyzing Flow – Part 1

04.2- Intrusion Detection by Analyzing Flow – Part 2

Section 3: Practical Incident Handling (Completed)

05.1- Preparing and Defending Against Reconnaissance and Information Gathering

05.2- [BONUS] Information Gathering

06.1- Preparing and Defending Against Scanning

06.2- [BONUS] Footprinting and Scanning

07.1- Preparing and Defending Against Exploitation

07.2- [BONUS] ARP Poisoning

07.3- [BONUS] ARP Poisoning Lab

07.4- [BONUS] Metasploit and Meterpreter

07.5- [BONUS] Metasploit and Meterpreter Lab

08.1- Preparing and Defending Against Post Exploitation – Part 1

08.2- Preparing and Defending Against Post Exploitation – Part 2

08.3- [BONUS] Post Exploitation – Part 1

08.4- [BONUS] Post Exploitation – Part 2

08.5- [BONUS] Post Exploitation – Part 3

08.6- [BONUS] Post Exploitation – Part 4

08.7- [BONUS] Post Exploitation – Part 5

08.8- [BONUS] Post Exploitation – Part 6

08.9- [BONUS] Post Exploitation – Part 7

08.10- [BONUS] – Post Exploitation – Part 8

Section 4: SOC 3.0 Operations & Analytics (Completed)

09.1- SIEM Fundamentals and Open Source Solutions – Part 1

09.2- SIEM Fundamentals and Open Source Solutions – Part 2 (Splunk Scenario 1 Lab)

09.3- SIEM Fundamentals and Open Source Solutions – Part 3 (Splunk Scenario 2 Lab)

09.4- SIEM Fundamentals and Open Source Solutions – Part 4 (Effectively Using ELK Lab)

10- Logging

11- SMTP, DNS and HTTPS Analytics

12- Endpoint Analytics

13- Creating a Baseline and Detecting Deviations

Exam Preparation (Completed)

14- Exam Prep Notes