top of page

1600

NX215 – Linux Forensics

Válido por 6 meses

Organizations: Contact us for enterprise solutions and volume pricing.

Linux Forensics

Advanced Linux system investigation

Master forensic analysis techniques for Linux systems, from artifact collection to timeline reconstruction, using professional tools and methodologies.

Series

NX Defense

Program Code

NX215

Level

Level-4

Organizations: Contact us for enterprise solutions and volume pricing.

What Our Clients Say

John Bryce.jpg
“Over 1000 of our students have been trained using ThinkCyber's Products and Services. The hands-on experience they gain from using the Cyberium Arena Simulator and Specto is invaluable and has been instrumental in their career progression”

— John Bryce Training Center, Israel

HLS Testomonial.jpg
“The training was crucial, providing my team with a wealth of knowledge through hands-on experiences. This is why, throughout June 2023, we will be welcoming SOC analysts from across the nation to participate in the CACC (CERT-IL Advanced Cyber Training). This training, facilitated by ThinkCyber and utilizing the Cyberium simulator, will provide invaluable experience and knowledge upgrades.”

— Homeland Security

James CFC Testimonial.jpg
“Our students are getting excellent positions such as SOC Analysts, Network Security Engineers, Forensics and Penetration Testers thanks to the applicable and relevant hands-on cybersecurity skills they've acquired through ThinkCyber's solutions.”

— James Lim, CEO of Centre for Cybersecurity Institute, Singapore

Army Testimonial.jpg
“Exceptional course! I've attended numerous programs, but this outshines them all in every conceivable way: the comprehensive content, the expert guidance, the practical exercises, and the seamless organization of the entire course.”

— Defense Forces

Description

Take your Linux investigation skills to the next level. From log analysis to memory forensics, you'll learn to uncover the truth in compromised systems. Using professional tools and techniques, you'll master the art of examining artifacts, analyzing system behavior, and reconstructing incident timelines.

 

Most students complete this course in 10 to 12 weeks when studying regularly.

Program Impact & Outcomes

After completing this course, you will:

  • Master Linux forensic investigation techniques

  • Analyze system logs and network traffic

  • Handle live system investigations

  • Collect and examine digital artifacts

  • Reconstruct incident timelines

  • Apply memory analysis techniques

Real-World Training Environment

From day one, you will:

  • Work with professional forensic tools

  • Analyze real system artifacts

  • Practice log analysis techniques

  • Perform memory dumping and analysis

  • Conduct live system investigations

  • Build incident timelines

What You Will Learn

Dive deep into the realm of Linux Forensics with this comprehensive course, designed to equip participants with hands-on skills in data acquisition, memory analysis, malware detection, and more. Explore real-world scenarios, understand the intricacies of the Linux file system, and master advanced forensic techniques. This course combines theory with practical labs, ensuring a holistic understanding of Linux-based digital investigations.

Linux Forensics
  • This module provides a comprehensive introduction to Linux fundamentals, then delves into the details of Linux services, including how they are managed and configured. Finally, it equips learners with scripting skills, vital for automation and advanced tasks in Linux environments.

    • Intro to Linux

    • Virtualization

    • Basic Commands

    • System Files

    • Services

    • Installation

    • Configuration Files

    • Logs Files

    • Scripting

    • File Permissions

    • Linux Automation
       

  • Log Analysis, it details how to inspect Linux logs for vital clues during an investigation. The File Analysis section teaches methods to dissect Linux file systems and extract meaningful data. Finally, Network Analysis imparts techniques for inspecting network traffic and identifying suspicious patterns or anomalies, essential for cyber investigations.

    • Log Analysis

    • Text Manipulation

    • Built-in Logs

    • Logs Best Practice

    • File Analysis

    • Metadata

    • Carving

    • Steganography

    • Calls

    • Network Analysis

    • Wireshark

    • General Network Tools

    • TShark Automation
       

  • The Artifact section instructs how to locate and interpret Linux system artifacts, invaluable in post-breach investigations. Live Analysis imparts skills to scrutinize active systems, identifying ongoing threats. The Analyzing Images portion discusses methods to inspect and interpret disk images, revealing concealed data or evidence.

    • Artifacts

    • Hashes and Encodings

    • User Files

    • Understanding Shells

    • System Files

    • Suspicious User-Info

    • Live Analysis

    • Mounting Partitions

    • Dumping Memory

    • Cloning HDD

    • Log File Advance Search

    • Captured Images

    • Working with FTK

    • Detecting Hidden Files and Directories
       

  • This module covers essential Network Protocols, providing an understanding of their operations and potential vulnerabilities. It then explores Network Attacks, discussing various attack vectors and strategies. Lastly, the module introduces the concept of hardening, teaching learners how to strengthen a Linux system against possible threats.

    • Netcat

    • Different Uses

    • Network Protocols

    • MiTM

    • Analyzing Traffic

    • Network Attacks

    • SSH

    • FTP

    • Hardening
       

bottom of page