on 2021-10-2506:27 AM - edited on 2023-05-1709:36 AM by kohe3
This course presents a recommended process for responding to incidents using NetWitness Platform analysis tools and techniques. Students practice the techniques and process by working through a series of use cases.
Level 1 and Level 2 analysts relatively new to NetWitness Platform, who wish to increase their familiarity with the tool’s features and functions within the context of incident response and analysis.
Students should have familiarity with the basic processes of cybersecurity analysis, including some knowledge of network architecture, the TCP/IP stack, networking protocols, and integrating log & network traffic to perform analysis on network-based security events.
This course covers how to use the NetWitness 11.6 platform including logs, packets and Advanced Endpoint, to respond to incidents by investigating incidents in the queue, documenting incidents, and escalating or closing incidents.
Students will use NetWitness Platform Investigation features to analyze incidents using a recommended process.