The OpenText EnCase - Endpoint Security training course is designed to instruct computer investigation and information security professionals in incident analysis and response, data risk mitigation, and data policy compliance techniques using EnCase Endpoint Security.
By attending the OpenText EnCase - Endpoint Security workshop, delegates will learn:
- Cybersecurity issues currently facing corporations and organizations
- The capabilities provided with EnCase Endpoint Security
- Setting up and configuring EnCase Endpoint Security to begin investigations
- Creating investigations using the EnCase Endpoint Security web interface
- Navigating through an investigation
- Preparing detections for escalation to the next level of investigation
- Using the Memory Acquisition module
- Using preconfigured policy rules to detect malicious or suspicious activity
- Creating and importing white and black lists
- Using conditions to focus searches
- Creating snapshots and using snapshot technology
- Creating a job to acquire RAM
- Conducting searches of the Windows Registry
- Conducting a timeline analysis using the real-time monitoring tools included with EnCase Endpoint Security
- Searching indicators of compromise (IOC)
- Finding Items of Interest (IoI)
- Collecting and reviewing data
- Remediation techniques
Prerequisites:
- Good understanding of using EnCase Endpoint Investigator for incident response investigations.
- Knowledge of computer networking hardware, protocols, and concepts is helpful.
The OpenText EnCase - Endpoint Security class is ideal for:
- Law Enforcement Officers, Computer Forensic Examiners, Corporate & Private Investigators & Network Security Personnel.