After finishing up the SIEM section, I moved on to Digital Forensics and Incident Response.
This section deals a lot with the forensic aspect of cybersecurity, so you spend a lot of time using forensic tools and reviewing artifacts to find key details.
Part of Incident Response is to investigate the malware that has been discovered. Understanding how it works, what it is made of, and creating ways to prevent it in the future are key to this. In this section, you learn about various tools, such as using Autopsy to investigate disk images and KAPE to extract forensic data.
It was quite a long section, but the rooms were well-detailed.
