[Back] This page provides an overview of the activities each week.
This week the main tasks are:
Week 2 (Network Forensics)
An important part of incident response is the capture and analysis of network based traffic. We will investigate network protocols and try and develop an in-depth understanding of them, and the traces of evidence they leave. The tasks this week are:
Week 3 (Advanced Network Forensics)
In this unit we will go deeper into an investigation and look at signs of an intrusion. The tasks this week are:
Week 4 (SIEM)
In this unit we will investigate SIEM, including setting up and using Splunk. The tasks this week are: