Oct
16

RSA NetWitness Platform Analysis

Created by Catherine Robichaud Employee on Sep 17, 2019

Wednesday, October 16, 2019 at Live Virtual Classroom Training

Starts at 5:00 AM · Ends on Oct 17, 2019 at 1:00 PM, EDT (America/New_York)

  • Catherine Robichaud

This instructor-led classroom-based course provides hands-on experience using the RSA NetWitness Logs & Network tool to identify, investigate and remediate network-based security breaches on your enterprise network. The course consists of about 75% hands-on lab work, following practical use cases from the identification and investigation stages through event reconstruction, damage assessment, and remediation.

 

Prerequisite Knowledge/Skills

Students should have familiarity with the basic processes of cybersecurity forensic analysis, including some knowledge of network architecture, the TCP/IP stack, networking protocols, and integrating log & network traffic to perform analysis on network-based security events.

 

Students should have completed the following courses (or have equivalent knowledge) prior to taking this training: RSA NetWitness Logs & Network Foundations

 

Course Objectives

Upon successful completion of this course, participants should be able to:

  • Build dynamic dashboards to monitor network alerts
  • Create alerts to populate dashboards
  • Create alerts to populate meta keys
  • Use investigation and event reconstruction techniques to reconstruct breach events
  • Create reports to consolidate alerts across a configurable time period
  • Create alerts to generate incidents in the Incident Queue
  • Assign, document, and remediate incidents from within the Incident Queue
  • Identify, reconstruct, and remediate four sample use cases within the student laboratory SOC environment

 

Click HERE to register for this training event. 

If you have any questions please click HERE.

Live Virtual Classroom Training