This instructor-led course provides experience using the features and functions of RSA NetWitness Platform to to respond to and investigate incidents.
This instructor-led classroom-based course provides hands-on experience using the RSA NetWitness Platform to investigate and remediate security incidents. The course consists of about 50% hands-on lab work, following a practical methodology from the incident queue through investigation, event reconstruction, damage assessment, and documentation using real-world use cases.
Level 1 and Level 2 analysts relatively new to RSA NetWitness Platform, who wish to increase their familiarity with the tool’s features and functions within the context of incident response and analysis.
Students should have familiarity with the basic processes of cybersecurity forensic analysis, including some knowledge of network architecture, the TCP/IP stack, networking protocols, and integrating log & network traffic to perform analysis on network-based security events.
Students should have completed the following courses (or have equivalent knowledge) prior to taking this training: