Wednesday, October 16, 2019 at Live Virtual Classroom Training
Starts at 5:00 AM · Ends on Oct 17, 2019 at 1:00 PM, EST (America/New_York)
This instructor-led classroom-based course provides hands-on experience using the RSA NetWitness Logs & Network tool to identify, investigate and remediate network-based security breaches on your enterprise network. The course consists of about 75% hands-on lab work, following practical use cases from the identification and investigation stages through event reconstruction, damage assessment, and remediation.
Prerequisite Knowledge/Skills
Students should have familiarity with the basic processes of cybersecurity forensic analysis, including some knowledge of network architecture, the TCP/IP stack, networking protocols, and integrating log & network traffic to perform analysis on network-based security events.
Students should have completed the following courses (or have equivalent knowledge) prior to taking this training: RSA NetWitness Logs & Network Foundations
Course Objectives
Upon successful completion of this course, participants should be able to:
- Build dynamic dashboards to monitor network alerts
- Create alerts to populate dashboards
- Create alerts to populate meta keys
- Use investigation and event reconstruction techniques to reconstruct breach events
- Create reports to consolidate alerts across a configurable time period
- Create alerts to generate incidents in the Incident Queue
- Assign, document, and remediate incidents from within the Incident Queue
- Identify, reconstruct, and remediate four sample use cases within the student laboratory SOC environment