
CMI Malware Investigation Hands-on Training Course

On this 3 day practical training course, extend your knowledge beyond conventional static computer forensics analysis.


Location: Cambridge CB22
Price: £1,575.00 (GBP)
Book by telephone: call +44 (0) 845 070 1750


You will be guided through the process of conducting malware analysis, from the principles surrounding the different analysis environments and 7Safe's malware investigation methodology to investigating network activity stemming from malicious software infection.

The CMI training course and associated CMI exam provide delegates the opportunity to extend their knowledge beyond conventional static analysis.

Using practical case scenarios, delegates are guided through the process of conducting malware analysis from the principles surrounding the different analysis environments and malware investigation methodology to investigating network activity stemming from malicious software infection.

Who is this course suitable for?

Those with an interest in or responsibility for forensic malware investigation, including:

  • Forensic & Network Investigators
  • Information Security Professionals
  • IT Security Officers
  • Law Enforcement Officials
  • Computer Auditors
  • Crime Prevention Officers

What does this course cover?

  • How to analyse and interpret malicious software and associated forensic artefacts including Trojan horses, viruses and worms
  • Malware fundamentals in contrast to traditional definitions of malicious software
  • How to approach malware investigation from mounted, booted and network perspectives

  • Practical exercises include conversion of E01-style images to bootable virtual machine disks, contrasting malware scans in Linux and Windows-based analysis, and behavioral observation of malware in lab environments

Benefits

  • Practice and understand the subject matter under the guidance of 7Safe’s expert tutors
  • Develop your investigation skills in malware analysis in a state-of-the-art class environment
  • Receive up-to-date course materials
  • Includes the Certified Malware Investigator (CMI) examination

This is a practical course where delegates will investigate forensic case studies, applying the principles, knowledge and techniques learnt during the course.

An optional examination is held on the final day. Successfully completing this examination earns delegates the Certified Malware Investigator (CMI) certification.

Delegates can further their studies by successfully completing university assignments which will earn them the Masters-level CMI+ qualification.

During the course, you will learn:

Analysis Environments

  • Identify and define the five analysis environments
  • Identify situations in which each of the investigation environments could be used effectively  
  • Identify their respective levels of risk both to the original data as well as other systems

Malicious Software

  • Define the term “malicious software”
  • Identify and define different types of malicious software
  • Identify similarities and differences between different types of malicious software

Malware Investigation

  • Identify the stages of malware investigation
  • Critically assess the capabilities and limitations of anti-malware tools
  • Identify the different means of running software at system start-up

Methods of Deception

  • Identify mechanisms of malware delivery
  • Identify mechanisms of disguise
  • Identify client security circumvention

Mounted Analysis

  • Mounting forensic images as logical drives
  • Using malware scanners against the mounted image
  • Documenting the results of malware scans
  • Using online scanners for further clarification

Booted Analysis

  • Identify approaches to creating a booted analysis environment
  • Experiment with making a Virtual Machine
  • Identifying password implications
  • Identifying and explaining the potential differences between mounted and booted analysis results

Network Analysis

  • Identify key reasons for network analysis
  • Methods of building a network for analysis
  • Explaining network communication protocols
  • Using traffic analysis tools for network analysis
  • External Port Analysis
  • Identifying and explaining the potential differences between network and other analysis results

Virtualisation Malware

  • Explain how hardware Hypervisor support allows for virtualisation malware
  • Define Type I, Type II and Type III malware

Simplifying Complex Evidence

  • Aiming the report at a subject knowledge level fitting the target audience
  • Discuss a sample report outline

Case Scenarios

Practical application of course content using case scenarios. Delegates will:

  • gain a practical understanding of modern malware beyond the often quoted traditional principles
  • mount forensic images for analysis
  • build virtual machines for analysis  
  • build a network environment to carry out network forensic analysis

Simplifying Complex Evidence

  • Collating and reporting results

Are there entry requirements?

  • CFIP recommended but not essential
  • Principles & general guidelines surrounding forensic investigation
  • Preliminary case considerations to evaluate when beginning a forensic investigation
  • Sound experience with Microsoft Windows required
  • Basic understanding of TCP/IP networking concepts is advantageous

What's included?

Our package includes refreshments, and full course materials.

Although the course is non-residential, we offer help finding appropriate hotels, close to the training venue. To take advantage of this offer, drop us an email after you book your course.

Additional info

Delegates who successfully complete the exam included at the end of the training course will be awarded the Certified Malware Investigator (CMI) qualification.

How to book?

There are three ways to book your course: online, via fax, or by telephone:

  • To book via telephone, just call us on 0845 070 1750 and we’ll take care of the details.
  • To book via fax, download our booking form, complete it and fax it to us on +44 (0) 1353 662667.
  • To book online, enter the number of delegates you wish to send into the “Quantity” field, select the course date from the drop-down menu and click “Order now”.

We can also accept purchase orders from local authorities, government departments and other public sector organisations, and will consider account facilities for large corporate customers. See our payment options page for more information.

All bookings are subject to our terms and conditions.
