SANS - SEC504: Hacker Tools, Techniques, and Incident Handling

SEC504 helps you develop the skills to conduct incident response investigations. You will learn how to apply a dynamic incident response process to evolving cyber threats, and how to develop threat intelligence to mount effective defense strategies for cloud and on-premises platforms. We'll examine the latest threats to organizations, from watering hole attacks to endpoint security bypass, enabling you to get into the mindset of attackers and anticipate their moves. SEC504 gives you the information you need to understand how attackers scan, exploit, pivot, and establish persistence in cloud and conventional systems. To help you develop retention and long-term recall of the course material, 50 percent of class time is spent on hands-on exercises, using visual association tools to break down complex topics. This course prepares you to conduct cyber investigations and will boost your career by helping you develop these in-demand skills.

What You Will Learn

The goal of modern cloud and on-premises systems is to prevent compromise, but the reality is that detection and response are critical. Keeping your organization out of the breach headlines depends on how well incidents are handled to minimize loss to the company.

In SEC504, you will learn how to apply a dynamic approach to incident response. Using indicators of compromise, you will practice the steps to effectively respond to breaches affecting Windows, Linux, and cloud platforms. You will be able to take the skills and hands-on experience gained in the course back to the office and apply them immediately.

Understanding the steps to effectively conduct incident response is only one part of the equation. To fully grasp the actions attackers take against an organization, from initial compromise to internal network pivoting, you also need to understand their tools and techniques. In the hands-on environment provided by SEC504, you'll use the tools of the attackers themselves in order to understand how they are applied and the artifacts the attackers leave behind. By getting into the mindset of attackers, you will learn how they apply their trade against your organization, and you'll be able to use that insight to anticipate their moves and build better defenses.

In SEC504, you will learn:
  • How to apply a dynamic approach to incident response
  • How to identify threats using host, network, and log analysis
  • Best practices for effective cloud incident response
  • Cyber investigation processes using live analysis, network insight, and memory forensics
  • Defense spotlight strategies to protect critical assets
  • Attacker techniques to evade endpoint detection tools
  • How attackers exploit complex cloud vulnerabilities
  • Attacker steps for internal discovery and lateral movement after an initial compromise
  • The most effective attacks to bypass system access controls
  • The crafty techniques attackers use, and how to stop them

Author: TUTProfessor

Latest reviews

One of the most important certificates for Red Team.
The wiki with all the text information is inside the VMs.
Cool stuff. Download is not working though.