This on-demand lab presents techniques to analyze an RSA NetWitness Logs and Packets environment use case. Students will be presented with a scenario, and then will have an opportunity to identify and reconstruct use cases in a virtual lab environment.
This interactive on-demand lab will help you to improve your knowledge of RSA NetWitness Logs and Packets. Within a case-study scenario, you will act as a Security Analyst at a fictitious company tasked with investigating security issues. Critical techniques are explained by a series of optional video demonstrations. After your initial investigation, you will be tasked with identifying and solving the issues in a hands-on lab environment using the printable lab guide. Specifically, you will attempt to identify and reconstruct a malicious network intrusion leveraging both log and packet data. After the guided lab, you will come back to the on-demand learning window for a summary of actions performed. Next, you will take an assessment required for credit in this course. And finally, you will complete a student evaluation.
RSA Professional Services Consultants and Partner Consultants
Scheduling Lab Time
Schedule lab time at https://traininglabs.rsa.com (Detailed account creation & scheduling instructions are in your Lab Guide).
Students should have completed the following training (or have equivalent knowledge) prior to taking this training:
Upon successful completion of this training, participants should be able to:
- Investigate a common analysis use case: the presence of malware as revealed by log entries in the environment
- Identify the malware, and to trace its movement through the network
- Integrate packet data into your investigation to reconstruct the specific actions of the malware
- Determine the cause and nature of the threat, and suggest remediation
- Course Introduction
- Scenario Introduction
- Instructional Videos
- Hands-on Lab
- Course Evaluation