Hands-On Digital Forensics & Incident Response Exercise
DFIR NetWars Continuous is a 4-month hands-on training solution covering a wide range of cybersecurity topics, designed with challenges and hints that support continuous knowledge and skill development.
In DFIR NetWars Continuous, you take on the role of a cyber investigator and have to uncover key clues from the evidence. The range guides you through a series of challenges where you parse through and reveal key facts within files, processes and programs commonly found in today's computing environments.
Flexible Access
Train and practice online anytime and anywhere. This is crucial for individuals who need to balance training with other commitments, reduce travel costs, and ensure that they can delve into the material at a comfortable speed and maximize retention.
Proficiency Tool
Organizations can use our personalized scorecard to assess the proficiency of their teams, identify areas for improvement, and ensure that employees are up to date, creating a customized training program for their personnel. Individual users also receive a scorecard.
Extended Engagement
With a comprehensive content selection, the extended access allows users to explore the intricacies of a topic thoroughly, which is particularly valuable for practitioners who aim to master complex topics in information security at their own pace.
Key Specs
- Focus Areas: Digital Forensics & Incident Response
- CPEs: Up to 12
- Delivery: Online
- Leaderboard: No
- Levels: All
- Minimum Seats: 1
- Moderator Required: No
- Player Mode: Solo & Team
- Run Time: 4 months
- Scorecard: Yes
Example Task:
Discover embedded metadata in images and documents, review and extract info from PCAP files, review social media tickets and identify suspicious accounts, find last users of applications on iOS devices, analyze a malware executable file, and more.
Example Topics:
- Windows/Endpoint incident response
- Windows forensics
- Mac forensics
- Network forensics
- Cyber threat intelligence
- Smartphone/mobile forensics
- Malware analysis
Suggested Tools:
MemProcFS, Registry Explorer, ExifTool, FTK Imager, Arsenal Image Mounter, Wireshark, SIFT Workstation, NetFlow, iBackupBot, EvtxExplorer, and others.
Computer Requirement:
- Processor: 64-bit, x86, 2.0 GHz+
- Memory: 16GB
- HD: 200GB+ Free, plus 50GB download of evidence files and virtual machines
- Interface: USB 3.0 | Type-A
- OS: Windows, Mac and Linux
- VMware (Students are expected to either provide their own forensics tools or use the local VMware VM tools that we provide).
For group purchase, reach out to our SANS advisors here.