- Payment Agreement
- › Our Cyber Training Courses
- Advanced Offensive Methodology & Analysis (A-OMA)
- Cyber Leader Course (CLC)
- Cyber Mission Foundations (CMF)
- Digital Forensics & Analysis (DFA)
- Offensive Methodology & Analysis (OMA)
- Windows & Linux Scripting (WLS)
- Windows Exploitation & Analysis (WEA)
- My Account
- Log In
- Class Alerts
- My Courses
October 19 – 30, 2020
November 30 – December 11, 2020
Cost (single seat): $9,200
Course Length: 10 Days
Recommended for: Intermediate Students
Additional group and government discounts available. Contact Parrot Labs for more information!
Register for Course
To begin the registration process, click Register Here to complete our Payment Agreement. We will contact you to complete the process.
What will you get out of DFA?
Students will learn in-depth digital forensic knowledge of the inner workings of malware analysis while preparing to become proficient cyber mission malware hunters and defenders.
What does DFA offer?
- Textbook and lab manual to accompany instruction
- Access to a personal sandboxed network, allowing students to learn at their own pace
- Realistic network including rootkits and malware for analysis, and routing and servers set up to perform the malware delivery chain
Why should you enroll in DFA?
Learn about the inner workings of Windows as it relates to live forensics and malware analysis.
- Investigate real malware, including TDL4, Spybot, and Metasploit backdoors
- Learn how to perform Memory forensics seeking malware that bypasses antivirus solution
- Discover how reading network traffic assists with finding artifacts and identifying malicious behavior
Malware Delivery Chain
What topics are covered in DFA?
- Learn about the Sysinternals Suite and native tools (netstat, tasklist, etc.)
- Begin PowerShell scripting to automate process analysis
- Locate running malware and discover persistence vectors
FILE SYSTEM ANALYSIS
- Search for forensic artifacts and perform a timeline analysis
- Copy a hard drive using open-source tools
- Analyze the following artifacts
- Prefetch files
- Volume Shadow Copy Service
- Interesting registry keys
- Become a more proficient cyber mission defender running malware executables
- Create signatures for malware executables as Indicators of Compromise (IOC) and check other systems on the network for these IOCs
- This course concludes with a full-day capstone that combines the skills learned throughout the course
The ACE CREDIT logo is a registered trademark of the American Council on Education and cannot be used or reproduced without the express written consent of the American Council on Education.