Wait a minute..

Blue Team Operation for Cyber Defense

Specially crafted for corporate environments, this course is intended for the establishment of a Blue Team to handle corporate cyber defense. Alternatively, it is also for well-established businesses looking to improve the state of their cybersecurity.

Live Virtual Classroom
Beginner 0(0 Ratings)
Created by Hacktrace Indonesia
What will I learn?
  • As part of a Security Operation Center (SOC), you will learn how to handle operations surrounding a cybersecurity incident
  • Apply a specialized incident handling process that includes preparation, identification, containment, eradication, and recovery
  • Analyze common attacker techniques to discern an attacker’s actions during the incident
  • Use backdoors, rootkits, and malware to determine the techniques used in a cyber attack
  • Analyze online logs to discern what the attacker has been doing on other devices
  • How to craft a threat hunting activity all to prevent threats from harming corporate infrastructure
  • Regularly perform vulnerability checks against corporate assets
  • Conduct an intrusion analysis relating to a cybersecurity incident
  • Develop a knowledge of obtaining digital evidence in the event of a cyber attack analyzing memory dumps to learn more about the attacker’s activities
  • Take a deep dive into shell history files to unearth compromised machines, backdoors, and accounts controlled by attackers
Live virtual classroom schedule

Live online features
  • Blue Team Operation for Cyber Defense Reguler
Offers
  • Training Kit
  • Certificate of Completion

Curriculum for this course
SOC Operation and Incident Introduction
8 Lessons
  • Introduction to SOC operations
  • Network security fundamental
  • Setting up student environment
  • Setting up student environment
  • Introduction to Incident Response and Handling
  • Incident Response and Handling Methodology
  • Type of incidents that needs special actions
  • Incident Record Keeping and Follow-up
  • Information Gathering techniques
  • Scanning techniques
  • Intrusion Detection Evasion techniques
  • Network level attack techniques
  • Session Management Testing
  • Operating System and Application-level Attacks
  • Netcat for Fun and Profit
  • Password Spraying and Cracking
  • Common Web Application Attack
  • Denial of Service Attack
  • Maintaining Access
  • Covering the Tracks
  • Putting It All Together
  • Tools Results and Hands-on Analysis
  • Lab: Log Analysis
  • Lab: Web Attack Intrusion Analysis
  • Understanding MITRE ATT&CK and D3FEND
  • Understanding Lockheed Martin Cyber Kill Chain
  • Identify a compromised system
  • Understanding malware characteristics
  • Common malware evasion and hiding techniques
  • Services log analysis
  • What to look on compromised endpoints
  • PowerShell and WMI command-line (WMIC)
  • Event Log analysis
  • Identify malicious process and services
  • Identify registry changes
  • TCP/IP concepts
  • Packet analysis fundamental
  • Wireshark introduction
  • Utilized Wireshark filters during packet analysis
  • Extract information from packet capture
  • Utilizing open-source intrusion detection system
  • Detect common malicious event using Snort
  • Extract useful information from network activity using using Zeek
  • Using Security Onion to capture malicious activity
  • Perform investigation based on alert raise from Security Onion
  • Lab Case Study: Investigate WannaCry detected from an endpoint
  • Lab Case Study: Investigate unknown malicious activity
  • Lab Case Study: Investigate attack on a server
  • Digital forensic introduction
  • What is digital evidence
  • Source of digital evidence
  • Digital forensic purposes and objectives
  • Forensic investigation challenges
  • Forensic investigation lab setup
  • Preserving digital evidence
  • Forensic acquisition process
  • Forensic acquisition tools
  • Acquisition challenges
  • Determining image integrity
  • Determining filesystem and partition table of the evidence
  • Identify existing countermeasure and anti-forensic system
  • Extracting operating system information
  • Extracting network packets information
  • Windows Registry analysis
  • Windows Shellbags and Prefetch analysis
  • Windows user profile and data forensic
  • Windows Event Log analysis
  • Windows System Resource Usage (SRU) forensic
  • Linux services and path execution analysis
  • Linux system configuration analysis
  • Linux user profile, history, and crontab analysis
  • Linux log files analysis
Requirements
  • Qualified CSIRT Team Leader
  • Intrusion Analyst and Threat Hunter
  • Skilled Forensic Investigators
  • System Administrator and System Security Engineer
+ View more
Description

We all routinely hear about cyber-attacks that are levelled against massive multinational corporations, compromising data and personal info. Don’t get caught with your digital pants down. As someone who defends the interests of a businesses, you need to be aware of the various attacks that can take place on a regular basis. This is specifically cybersecurity training for beginners, veterans need not apply.

Learn about the various ways in which attackers are looking to pierce your cybersecurity. We will teach you about the wide array of techniques they use, how to stop them, and how to build up your own digital defenses. Get wise and receive a hands-on experience as you defend against attacks in the moment and strengthen your defenses.

+ View more
Other related courses

Student feedback
0
Average rating
  • 0%
  • 0%
  • 0%
  • 0%
  • 0%
Reviews
Contact us
[email protected]
Ask our team
Contact us
[email protected]
Ask our team