Practical: Malware Analysis and Investigations

Use investigative methods to detect malware

This course is five weeks long and will allow you to put the knowledge gained from the Digital Forensics and Incident Response Expert Track (DFIR) into practice.

You'll learn how to use investigation methods in the context of malware and the practical steps you can take to prevent an attack.

You'll learn how you can set up the right environment to extract the most information about malicious software by exploring different analysis environments.

Learn how to identify network connections and collect network traffic

Malware is often delivered over a network. Understanding the network connections is crucial to help you prevent an attack.

You'll learn practical methods to detect malware connectivity and the importance of collecting network data - the amount that moves across a computer network.

Analyze static vs volatile data

To help you understand malware and its impact on systems, you will be able to identify various types of malware analysis such as static and volatile.

You'll learn how you can identify suspicious processes and files and how to spot malware persistence mechanisms. This will help you to remove malware as quickly as possible in the event of an attack.

You will feel confident applying your knowledge to real situations by the end of this course.