Recently, I earned a Certificate for Cyber Defense First Responder. The course covered the incident response process and the role of the Cyber Defense First Responder. Topics included identifying methods for Cyber Security Incident Response Team training and testing and testing.
Create an evidence map of your network and identify various types of evidence at each point, and document potential compromises for access points within the network. The tool Nessus Professional , a vulnerability scanner, was recommended in conjunction with the evidence map to prevent network attacks.
Another tool discussed and demonstrated was Windows Live Responsive. It is a forensic tool to collect and analyze data and evidence on a computer. We also imaged a hard drive and used write blockers to collect evidence. The Chain of Custody of any evidence gathered in an investigation is critical, document the process throughout the process. It is very important that you have authorization to examine a computer and any related evidence before you even begin download any data.
The course covered Rules of Evidence, legal processes, proof of expertise, licensing professional forensic tools for investigations , and cyber defense methodology. The hands-on demonstrations in class reinforced the skills and knowledge throughout the day. Overall, I expanded my cyber security knowledge base, learned how to use more forensic tools and had fun.