This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Education Courses
No ratings

NetWitness Platform Analysis 11.6 ILT

ElynnKoh
Contributor Contributor
Contributor

on ‎2021-10-25 06:27 AM - edited 3 weeks ago by Occasional Contributor Occasional Contributor

Netwitness-Education-2C (2).png


Access Training
for Customers/PartnersAccess Training
for NetWitness Employees

 

 

 

$2,000 USD

 

 

2,000 Training Credits

 

 

 

This is an Instructor Led Training class, for On-Demand/Self-Paced please click here

 

Summary

This course presents a recommended process for responding to incidents using NetWitness Platform analysis tools and techniques.  Students practice the techniques and process by working through a series of use cases.
This is an update to version 11.6. 

 

Overview

This course covers how to use the NetWitness 11.6 platform including logs, packets and Advanced Endpoint, to respond to incidents by investigating incidents in the queue, documenting incidents, and escalating or closing incidents.   

Students will use NetWitness Platform Investigation features to analyze incidents using a recommended process. 

 

Audience

Level 1 and Level 2 analysts relatively new to NetWitness Platform, who wish to increase their familiarity with the tool’s features and functions within the context of incident response and analysis.

 

Duration: 2 days

 

Prerequisite Knowledge/Skills

NetWitness Platform Foundations 

Students should have familiarity with the basic processes of cybersecurity analysis, including some knowledge of network architecture, the TCP/IP stack, networking protocols, and integrating log & network traffic to perform analysis on network-based security events.

 

Course Objectives

Upon completion of this training, the learner should be able to: 

  • Identify Analyst roles and SOC models 
  • Describe incident types and methods to prioritize incidents 
  • Describe the Incident Response process 
  • Use tools and methods to filter data and enhance the dataset 
  • Use analysis tools and interfaces to perform incident response 
  • Describe the Investigative Methodology 
  • Describe a systematic approach to investigate metadata 
  • Identify types of threats 
  • Use the incident response process, the investigative methodology and tools to investigate multiple use cases using packets, logs and endpoint

 

Course Outline

Module 1: Analysis Tools and Processes 
Module 2: Investigating Metadata 
Module 3: Analysis Use Cases

 

 
If you have any questions, please contact your account manager or Contact Us directly!

 

 

Was this article helpful? Yes No
Version history
Last update:
3 weeks ago
Updated by:
Occasional Contributor Occasional Contributor
© 2022 RSA Security LLC or its affiliates. All rights reserved.