Forensic & Incident Response Education (FIRE)

Learn in-depth computer forensics

Next Steps:


Upcoming Course Dates & Locations: View Schedule

Type of Course: Classroom

Foundstone’s Forensic & Incident Response Education (FIRE) course is a defensive weapon to help normalize your environment after a negative event has occurred. Hackers and disgruntled employees have increasingly sophisticated tools and backdoor programs at their disposal to steal your intellectual property and expose sensitive information — all with the ability to cover their tracks.

IT professionals charged with protecting the environment can be overwhelmed, causing attacks to be ignored or mistakenly diagnosed as a system or network problem. During this course, we provide you with the forensic techniques to identify, respond to, and recover from both insider and outsider attacks.

What You’ll Learn

This course will give you an in-depth study of the computer forensics process. Starting with creating evidentiary disk images to recognizing the often faint trail of unauthorized activity, Foundstone updates this class continuously by integrating the latest security threats and countermeasures.

In this hands-on classroom, you will learn how to respond to unlawful access and information theft, learning to recognize the traces of numerous attacks. While in the security lab, you will learn to apply this knowledge. With Foundstone’s expert instruction, you will learn step-by-step incident response procedures for Unix, Windows systems, and mobile devices. These methods are tailored to your organization’s security architecture, so you can apply them in the real world, long after class is completed.

Why We Teach This Course

Malcontent and security holes exist in alarming numbers and as a result, the possible compromises to your network are an unfortunate fact of corporate life. A total network security plan includes the capability to resolve incidents after they occur. This is a comprehensive, technically detailed course that reinforces your security posture and enables you to successfully respond to incidents.

Who Teaches this Course

Foundstone instructors have responded to numerous intrusions on corporate and government networks, and have assisted in the development of effective Incident Response (IR) programs. Foundstone stays up to date on the latest underground exploits and techniques. As the leading “white hats” in the industry, the Foundstone team knows what the “black hats” are up to — whether they are hackers in the shadows or malicious insiders. Instructors have managed or directed security assessment teams, as well as amassed real-world experience. They are also frequent speakers at industry conferences.

Who Should Take this Course

System and network administrators, corporate security personnel, auditors, law enforcement officers, and consultants responsible for network intrusions.

Basic understanding of Unix, Windows OS, computer forensics, and TCP/IP networking is required for the course to be fully beneficial.

Course Materials

Student manual, class handouts, a Foundstone-authored book, a Foundstone T-shirt, a free tools CD with course tools and scripts, and BackTrack, the top-rated bootable Linux distribution.

Continuing Education Credits

This course qualifies for up to 32 hours of continuing professional education (CPE) credits for CISSP/SSCP and 28 hours of CPE credits for CISA/CISM holders.