
- This event has passed.
Digital Forensics and Incident Response – REMOTE
June 4, 2021 @ 9:00 am - June 5, 2021 @ 5:00 pm
Event Navigation

Digital Forensics and Incident Response – REMOTE
The Digital Forensics & Incident Response course provides industry knowledge and techniques to develop your organization’s incident response policy and procedures. In addition to providing Business Continuity steps, we dive into the understanding and planning of incident response procedures, information security terminology, and the establishment of your DFIR lab. Students will learn how to fully prepare their organization for audits by using forensic techniques to capture key evidence.
Course Type
This course is presented remotely over virtual conferencing. Log-in details will be provided after registration.
Key Features
- Development of a Business Continuity Plan.
- Cybersecurity Training and Education.
- Incident Response Preparation.
- How to Scope the Current Cybersecurity Posture of the Organization.
- How to Deploy and use a Virtual Machine for Digital Forensics and Incident Response.
Who Should Attend
- Everyone under the IT Umbrella should attend this course.
Requirements
This course has a lab exercise attached which will require the use of a PC or Mac with Admin Rights or Oracle VirtualBox already pre-loaded. The course is virtual and will require the ability to download image files for use with Oracle VirtualBox. The instructor will personally ensure that all students have the necessary virtualization software to take the course. All software is included with the course.
Day 1 Schedule
Introduction to Digital Forensics | 09:00a-10:30a |
Chain of Custody | 11:00a-12:15p |
Evidence Management | 01:30p-03:00p |
Event Capture Techniques | 03:30p-05:00p |
Day 2 Schedule
Windows Event Capture Lab | 09:00a-10:30a |
Linux Event Capture Lab | 11:00a-12:15p |
Incident Response Live Exercise | 01:30p-03:00p |
Capstone Exercise | 03:30p-05:00p |
Course Fee: $1,664.00 per person
Instructor
Charles Payne has worked in Digital Forensics and Incident Response for the last five years. During this time, he has witnessed and actively participated in the identification and remediation of numerous exploits. He has actively led his team to hunt, teach, and explain the industry logic for controls that are implemented under frameworks such as NIST, DISA, and ISO. Charles spends much of his free time teaching others about cybersecurity and learning new methods to advance the community’s understanding.
Instructor Statement: “Alone we’re isolated. Together, we’re a community.”
“This mindset is a result of witnessing both sides work through their procedures. Blue teams, the defenders, are typically comprised of an internal group within a corporation, which tend to hold attack vector data well-guarded, unable to be shared with the community. On the other hand, red teams, the attackers, regularly share their failures and accomplishments within their community, enabling their target to become compromised that much faster. The solution is not always something novel or innovative, it is often just better and more regular communication within the community.”
This training is presented as a joint venture between Cyberkraft Training and Direct Line 2 Compliance in cooperation with CIEDAR and Texas State University.