Module 6: Malware and Forensics
Preparing for incident management is essential in today's environment. In this module, students will learn about the different stages of an incident and how to prepare for them: setting up a detection and response strategy, analysing logs and managing backups. Using a case study, we will dig into the key concepts and technical approaches to adopt when handling cybersecurity incidents.
Case study: Ransomware attack
In this scenario, the information system was breached several months ago by exploiting a remote access vulnerability. The attacker took control of the information system, exfiltrated data and then deployed ransomware across the entire infrastructure. Finally, the attacker published the stolen data publicly. The underground ecosystem behind such attacks is also explained. We will use a similar scenario and perform an incident response.
Content
In this course, participants will engage in a hands-on exercise focused on responding to a ransomware breach. They will learn how to conduct a thorough forensic investigation to identify the attack vectors, assess the extent of the damage, and gather critical evidence. By the end of the exercise, students will gain practical skills in incident response, including how to effectively manage ransomware incidents, mitigate their impact, and prevent future occurrences. This training will equip students with the necessary expertise to respond swiftly and effectively to real-world cybersecurity threats.
Learning Outcomes
On completion of this module, learners will be able to:
- Perform an incident response,
- Acquire and analyse artefacts of a ransomware attack,
- Understand how to approach Windows memory forensics.
Training Method
Theory and exercises
Organised By
Digital Learning Hub Luxembourg
Certification
Participation Only
Prerequisites
Operating Systems Knowledge
- Basic understanding of both Linux and Windows.
- Ability to navigate file systems and manage directories.
- Ability to use the console in both environments.
Linux Command Line Skills
- Familiarity with basic commands like ls, cd, cat.
- Familiarity with grep (searching text) and cut (extracting sections of text).
- Basic scripting skills and command chaining with pipes.
Windows Event Logs
- Basic knowledge on how to use and interpret Windows Event Logs.
Basic Network & Security Knowledge
- Understanding of how an enterprise network is organised (e.g., subnets, routing, DMZ, firewalling).
- Basic concepts of security tools such as firewalls, antivirus software, and proxy servers.
Planning and location
09:00 - 17:00
09:00 - 17:00
09:00 - 17:00
Learning Track
This course is part of the following learning track(s) and can be booked as a stand-alone training or as part of a whole: