Many organizations rely on technology to perform anomaly detection and investigation. But when it comes to identifying and investigating abnormal behavior on a system, there is no substitute for a well-trained analyst. Focal Point - Windows System Analysis teaches students how to identify abnormal activity and investigate a running system that may have been compromised. In this course, students will learn the most useful commands, tools, and techniques that can be employed during an investigation to reveal significant indicators of infiltration and how to create a system baseline for future analysis. This course is primarily focused on the Windows 10 operating system, but includes many tools and techniques that also apply to Windows 7 and more recent versions of the Windows Server.
The practical assessment for this course is an investigation scenario that will require students to use all of the knowledge, skills and abilities acquired during class to remotely analyze a network of systems, identify compromised machines, and remediate as appropriate.
Learn more about this topic. View the recorded webinar From Analyst to Threat Hunter.