Advanced Cloud and Network/Live Forensics Test 2
This page defines what you need to know for the test.
SIEM. Marks: approx. 40%
This part of the test will cover some analysis of logs using Splunk. Some background material is here.
DLP. Marks: approx. 40%
Malware/Code Analysis. Marks: approx. 20%
This part of the test will cover an overview of how the registers are changed within a machine code program.
Take a sample test for this subject: here. Note that this test is indicative of the areas that might be covered.
The test will be similar in scope to Test 1 and will have fixed/short answers for the SIEM parts and longer descriptive answers for other questions.