0345 4506120

CREST Registered Intrusion Analyst

This is the first cross discipline course of its’ kind that covers the essential knowledge and hands-on practical skills needed for intrusion detection, incident handling, computer/network forensics, and malware reverse engineering.


This course raises the bar and sets a new security baseline for existing practitioners and aspiring Intrusion Analysis and Digital Forensics professionals. Every team member should take this course at some point along their career path. Following this course, a student may challenge the CREST core skills exam resulting in the CREST Registered Intrusion Analyst (CRIA) professional qualification.

  Reset

Learning Objectives

You will learn how to detect an attack, how to handle it, how to trace and acquire the evidence, investigate, analyse and re-construct the incident. We then lay the groundwork for malware analysis by presenting the key tools and techniques malware analysts use to examine malicious programs. Practical exercises throughout ensure that the skills learned can be put to work immediately and that you are prepared for the CRIA practical exam.

Target Audience

  • Aspiring information security personnel who wish to be part of an Incident Response team
  • Existing practitioners wishing to become CREST Registered
  • System administrators who are responding to attacks
  • Incident handlers who wish to expand their knowledge into Digital Forensics
  • Government departments who wish to raise and baseline skills across all security teams
  • Law enforcement officers or detectives who want to expand their investigative skills
  • Information security managers who would like to brush up on the latest techniques and processes in order to understand information security implications

Who should attend

This training is intended for individuals who wish to have a rewarding and lucrative career in the Cyber Security world.

Pre-Requisites

A pass at CREST Practitioner Intrusion Analyst level is a pre-requisite for the Intrusion Analyst examination.

Course Content

Soft Skills and Incident Handling

  • Incident Chronology
  • Record Keeping, Interim Reporting and Final Results

Core Technical Skills

  • IP Protocols
  • Common Classes of Tools
  • Application fingerprinting
  • Network Access Control Analysis
  • Host Analysis Techniques

Networking Intrusion Analysis

  • Data Sources and Network Log Sources
  • Beaconing
  • Command and Control Channels
  • Exfiltration of Data
  • Incoming Attacks
  • Reconnaissance
  • Internal Spread and Privilege Escalation
  • False Positive Acknowledgement

Analysing Host Intrusions

  • Windows File System Essentials
  • Windows File Structures
  • Application File Structures
  • Windows Registry Essentials
  • Identifying Suspect Files
  • Memory Analysis
  • Infection Vectors
  • Live Malware Analysis

Reverse Engineering Malware

  • Functionality Identification
  • Processor Architectures
  • Windows Executable File Formats
  • Behavioural Analysis

Privacy Notice

In order to provide you with the service requested we will need to retain and use your contact information in accordance with our Privacy Notice. If you choose to provide us with this information you explicitly consent to us using the information as necessary to provide the requested service to you. If you do not agree please do not proceed to request the service from us.

Marketing Permissions

Would you like to receive our newsletter and other information on products and services which we think will be of interest to you by email. We will always treat your information with care and in accordance with our Privacy Notice. You are free to withdraw this permission at any time.

 

Virtual Classroom

Virtual classrooms provide all the benefits of attending a classroom course without the need to arrange travel and accomodation. Please note that virtual courses are attended in real-time, commencing on a specified date.

Virtual Course Dates

Our Customers Include