SD0108-Basic Incident Analyst

1. Introduction 

Cyber attack is an attack launched from one or more computers against another computer, multiple computers or networks. Cyber attacks can be broken down into two broad types: attacks where the goal is to disable the target computer or knock it offline, or attacks where the goal is to get access to the target computer’s data and perhaps gain admin privileges on it. 

Your online services will definitely getting hit by one day and as in cybersecurity official in charge, you need to have at least basic skill for cyber incident investigation. 

2. Course Objective 

 The objective of this course is to equipped students with the basic knowledge how to gather initial digital footprint as part of the whole investigation case. 

• Understanding the basic function of incident response unit
• Familiar with basic Domain and IP address investigation
• Understanding OWASP 
• Understanding Log analysis 
• Basic email investigation 

3. Course outcome 

After completed this course, the participants will be able to:

• Describe the basic function of incident response team 
• Find the origin of domain name and IP address 
• Familiar with basic log analysis for web attack and their protection 
• Investigate the source of email attack 
• And Hand-on case study on cyber investigation 

4. Pre-requirement of the participants 

The participant needs to have:

• Basic knowledge on Information Technology and Operation System (Windows and Linux)
• Familiar with networking, Internet and e-mail concept 
• Basic knowledge in Linux command 
• Bring your own laptop 

5. Course Outline 

Day 1 

Day 2 

Day 3