Windows Memory Forensics
One course that teaches you all about analysing events related to compromises or breaches in Windows Systems.
This course will help you understand and review details regarding events related to compromise of the system. Windows Memory Forensics is widely used in malware analysis and finding evidence about Windows systems in case of a cyber-attack. In this course, you will learn how to gather evidence related to infected Windows systems and also how to use Windows memory forensics in analysing malwares.
Benefits of choosing this course
Benefits of choosing the Windows Memory Forensics course
Learn how to capture and record evidence related to breaches in Windows systems.
Understand the art of evidence collection and malware analysis.
Discover the challenges of Memory Forensics and how to deal with them.
Highlights of the Windows Memory Forensics course
Your gateway to mastering a highly-relevant information security skill.
The perfect blend of theoretical and hands-on practical training.
Downloadable study material and self-assessment tests for reinforced learning.
- Key Learning Objectives
Key Learning Objectives
After completing the Windows Memory Forensics course, students will be able to:
- Articulate what is Memory Forensics, its importance and associated challenges.
- Explain how to capture memory states and conduct memory analysis.
- Properly understand how to find artefacts from Windows ROM.
- Comprehend the Volatility Framework and how to use it to perform memory analysis.
- Work with Normal Process Relationship.
- Understand the process of capturing RAM FTK Imager. .
- Comprehend and work with Volatility Modules for Windows - imageinfo, connections, pslist, sockets.
Directly download the full Learning Objectives of the course here
Templates. Worksheets & Mind-maps
When you enrol in this course you will have access to several worksheets & templates that you can use immediately. Take a look at the course curriculum, below, to see whats included in this course.
The image immediately below is a gallery view of some of the templates and collateral available to students.
Continuing Professional Development
CPD points can be claimed for this course at the rate of 1 point per hour of training for this NCSC-certified and CIISec-approved course (8 points for one-day public course and 15 points for the two-day internal workshop - for when organisations host this course internally).
CIPR Student-Only Incident Response Plan Template
As a student you get access to unique content including our highly acclaimed Cyber Incident Response Plan Template. If you want, you can download the FREE version of the Incident Response Plan template here.