Courses & Workshops

Have questions about training?     Contact us

IR280 - EnCase® Endpoint Security Training

Duration: 3 Days

**Formerly EnCase Cybersecurity and Analytics

Please note that this course is product-specific for EnCase Endpoint Security. Students should have a good understanding of using EnCase Basic (formerly EnCase® Enterprise) for incident response investigations. Advance preparation for this course is not required.

This hands-on course is designed to instruct computer investigation and information security professionals’ incident analysis and response, data risk mitigation, and data policy compliance techniques, using the EnCase Endpoint Security. The techniques taught in this course enable students to greatly reduce the risk, cost, and time associated with exposing and recovering from threats designed to evade layered security solutions, and the importance of identifying and securing sensitive data.

The EnCase Endpoint Security solution provides powerful network-enabled incident response capabilities and forensic-grade data risk assessments to expose and remediate any undiscovered threat — whether it be the latest custom malware, suspicious insider activity, or errant sensitive data. The techniques taught in this course enable students to greatly reduce the risk, cost, and time associated with exposing and recovering from threats designed to evade layered security solutions, and the importance of identifying and securing sensitive data. Upon completion of this course you will be able to use EnCase Endpoint Security to:

  • Reduce data-security noncompliance risk and cost.
  • Reduce the risk and cost of damage that advanced malware causes to data assets.
  • Reduce the time associated with successfully resolving security incidents.

Delivery method: Classroom. NASBA defined level: basic.

CPE Credits - 24

Audience

This course is intended for corporate and government/ investigators and network security personnel. Incident response supervisors and team members are encouraged to attend, as are individuals working in a data audit, policy enforcement, or network intrusion investigation role. An understanding of the concepts of computer forensics and familiarity with the EnCase Basic software is required. Knowledge of computer networking hardware, protocols, and concepts is helpful, but not required. Class curriculum is designed to provide a good overview of using EnCase Endpoint Security as a data-centric, cyberforensic solution for incident response and risk management.

Prerequisites

Please note that this course is product-specific for EnCase Endpoint Security. Students should have a good understanding of using EnCase Basic (formerly EnCase® Enterprise) for incident response investigations. Advance preparation for this course is not required.>

Summary:

This course will teach students how to rapidly respond to high-priority events and focus in on malicious code designed to evade traditional layered security solutions and perimeter defenses. Students will learn how to expose zero-day threats and other hard-to-expose advanced hacking techniques, including iterations of morphing malware, injected .dll files, covert root kits, and insider threats — whether inadvertent or malicious. Students will learn how to triage for, identify, analyze, remediate, and recover from these threats.

Students will also learn how to assess and control endpoint risk. Students will be able to search across networks, targeting sensitive or confidential data of interest (such as credit card numbers, account numbers, intellectual property, or classified data). Students will have the ability to understand where and how sensitive data is stored and enforce data policy by wiping sensitive data from unauthorized locations.

This course will cover the following topics:

  • Cybersecurity issues currently facing corporations and organizations
  • The capabilities provided with EnCase Endpoint Security
  • Setting up and configuring EnCase Endpoint Security to begin investigations
  • Creating investigations using the EnCase Endpoint Security web interface
  • Navigating through an investigation
  • Preparing detections for escalation to the next level of investigation
  • Using the Memory Acquisition module
  • Using preconfigured policy rules to detect malicious or suspicious activity
  • Importing white and black lists
  • Using conditions to focus searches
  • Conducting searches of the Windows® Registry
  • Conducting a timeline analysis using the real-time monitoring tools included with EnCase Endpoint Security
  • Searching indicators of compromise (IOC)
  • Collecting and reviewing data
  • Remediation techniques

Pricing

Format Currency Price
Per Student at Open Text Site €  1,777.95 
Per Student at Open Text Site GBP  1,558.45 
Per Student at Open Text Site USD  2,195.00 

Taxes: All prices exclude VAT or other taxes where applicable (all currencies).

Extra expenses: Customer site course prices do not include instructor travel expenses, which are billed separately.

Reservations: Please provide a minimum of 3 weeks advance notice when arranging courses at customer sites.

Course & Workshop Calendar

Below is a listing of all the currently available dates and locations for this course and/or workshop from Open Text.

Selection & Registration Process

Before you can register for a course or workshop, you need to select which one you want to attend. To do this, simply click on the "Add to cart" link and it will be added to your shopping cart.

Note: After clicking on the "Add to cart" link, you will be taken to the main course and workshop selection page where all of the courses and workshops you have added to your shopping cart will appear at the top of the page.

Once you have selected all the courses and workshops you want to attend, simply select the "Check-out link and complete the registration form.

Date Course Type Course Name Language Location Price Add
Oct 30, 2018  On-site  IR280 - EnCase® Endpoint   English  GSI-Washington, DC 2,195.00  Add to Cart 
Oct 30, 2018  On-site  IR280 - EnCase® Endpoint   English  Virtual Classroom - North America GSI Eastern Time 2,195.00  Add to Cart 
Dec 04, 2018  On-site  IR280 - EnCase® Endpoint   English  GSI-Pasadena 2,195.00  Add to Cart 
Dec 04, 2018  On-site  IR280 - EnCase® Endpoint   English  Virtual Classroom - North America GSI Pacific Time 2,195.00  Add to Cart 
Jan 22, 2019  On-site  IR280 - EnCase® Endpoint   English  GSI-Washington, DC 2,195.00  Add to Cart 
Jan 22, 2019  On-site  IR280 - EnCase® Endpoint   English  Virtual Classroom - North America GSI Eastern Time 2,195.00  Add to Cart 
Feb 26, 2019  On-site  IR280 - EnCase® Endpoint   English  Virtual Classroom - North America GSI Pacific Time 2,195.00  Add to Cart 
Feb 26, 2019  On-site  IR280 - EnCase® Endpoint   English  GSI-Pasadena 2,195.00  Add to Cart 
Mar 19, 2019  On-site  IR280 - EnCase® Endpoint   English  GSI-Reading 1,558.45  Add to Cart 
Mar 19, 2019  On-site  IR280 - EnCase® Endpoint   English  Virtual Classroom - Europe GSI UK Time 1,558.45  Add to Cart 
Apr 16, 2019  On-site  IR280 - EnCase® Endpoint   English  GSI-Washington, DC 2,195.00  Add to Cart 
Apr 16, 2019  On-site  IR280 - EnCase® Endpoint   English  Virtual Classroom - North America GSI Eastern Time 2,195.00  Add to Cart 
Jun 04, 2019  On-site  IR280 - EnCase® Endpoint   English  GSI-Pasadena 2,195.00  Add to Cart 
Jun 04, 2019  On-site  IR280 - EnCase® Endpoint   English  Virtual Classroom - North America GSI Pacific Time 2,195.00  Add to Cart