Malware Forensics
Select Projects
In the prior project, you used network forensics to write an incident report detailing how you captured, recorded, and analyzed events that occurred on a network. Based on this analysis, you determined that there has been a breach of the network.
Next, you must use the network forensic evidence you gathered to understand how the attack was conducted to better understand exactly what took place during the attack. There are several ways to identify the source of attacks. One of the challenges with network forensics is making sense of the data, which often comes from multiple sources, not to mention the fact that incidents of interest may occur at different times.
In this project, you will analyze suspicious software in a virtualized environment to determine whether the code is in fact malware.
The final report will summarize how you used your knowledge and skills in malware forensics to analyze the attack and determine what occurred and when. It will also offer recommendations on ways to improve the organization’s defense posture and response.