Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Explore a comprehensive conference talk that delves into advanced techniques for conducting intrusion investigations. Learn how to move beyond basic "check the box" approaches and leverage powerful capabilities to uncover critical insights. Discover various use cases, understand the context of investigations, and explore high-level questions that drive effective inquiries. Examine essential data points, including DHCP logging, Kerberos service tickets, and authentication events. Gain insights into the intrusion life cycle, possible explanations for suspicious activities, and the differences between Windows 2003 and 2008 logging. Master the art of tracking DNS resolutions, identifying indicators of compromise, and recognizing network-based signs of intrusion. Enhance your cybersecurity skills with practical examples, commercial simulation insights, and expert guidance on logging best practices.
