People often become rash and chaotic during an information security (IS) incident and can destroy crucial evidence. The 4-hour hands-on lab “How to react to IS incidents: Investigation of a cyber-attack” takes a practical approach to incident investigation: participants learn how to act quickly and calmly to collect evidence, analyze system logs, memory and disks, and search for traces of a cybercrime. Participants will be provided with special instructional material and virtual machines, and will be offered several effective strategies for responding to simulated incidents.
Author: Alexander Sverdlov
Alexander Sverdlov worked at Mobiltel EAD (Bulgaria’s mobile operator) and at Hewlett-Packard, and was a freelance security consultant and trainer. He is now an IT security officer at ProCredit Bank Bulgaria. He conducted a four-hour hands-on lab on cyber forensics at PHDays III.
Sofia, Bulgaria