RSA NetWitness Logs and Packets Use Case Analysis

Document created by Elizabeth Maloney (Employee) on Oct 4, 2016. Last modified by Elizabeth Maloney (Employee) on May 1, 2017.
Version 5

In order to register for a class, you need to first create an EMC account
If you need further assistance, contact us

 

Summary

This on-demand lab presents techniques to analyze an RSA NetWitness Logs and Packets environment use case. Students will be presented with a scenario, and then will have an opportunity to identify and reconstruct use cases in a virtual lab environment.

 

Overview
This interactive on-demand lab will help you to improve your knowledge of RSA NetWitness Logs and Packets. Within a case-study scenario, you will act as a Security Analyst at a fictitious company tasked with investigating security issues. Critical techniques are explained by a series of optional video demonstrations. After your initial investigation, you will be tasked with identifying and solving the issues in a hands-on lab environment using the printable lab guide. Specifically, you will attempt to identify and reconstruct a malicious network intrusion leveraging both log and packet data. After the guided lab, you will come back to the on-demand learning window for a summary of actions performed. Next, you will take an assessment required for credit in this course. And finally, you will complete a student evaluation.


Audience
RSA Professional Services Consultants and Partner Consultants


Delivery Type
On-Demand Lab


Duration
4 hours


Scheduling Lab Time
Schedule lab time at https://traininglabs.rsa.com (Detailed account creation & scheduling instructions are in your Lab Guide).


Prerequisite Knowledge/Skills
Students should have completed the following training (or have equivalent knowledge) prior to taking this training:

 

Learning Objectives
Upon successful completion of this training, participants should be able to:

  • Investigate a common analysis use case: the presence of malware as revealed by log entries in the environment
  • Identify the malware and trace its movement through the network
  • Integrate packet data into your investigation to reconstruct the specific actions of the malware
  • Determine the cause and nature of the threat, and suggest remediation

 

Course Outline

  • Course Introduction
  • Scenario Introduction
  • Instructional Videos
  • Hands-on Lab
  • Summary
  • Assessment
  • Course Evaluation
