Cyber Threats Detection and Mitigation Training

Course Overview

This training course examines the fundamentals of system forensics: what forensics is, the role of computer forensics specialists, computer forensic evidence, and application of forensic analysis skills. It also gives an overview of computer crimes, forensic methods, and laboratories. Students will learn about the tools, techniques, and methods used to perform computer forensics and investigation. This course explores emerging technologies as well as future directions of this interesting and cutting-edge field.


Currently, there are no public classes scheduled. Please contact a Phoenix TS Training Consultant to discuss hosting a private class at 240-667-7757.


Not seeing a good fit?

Let us know. Our team of instructional designers, curriculum developers, and subject matter experts can create a custom course for you.

Contact Us

Learn more about custom training

Course Objectives

  • Understand the importance of having a solid foundation for your security posture
  • Understand the attack strategy using cyber security kill chain
  • Enhance their defense strategy by improving security policies, hardening the network, implementing active sensors, and leveraging threat intelligence
  • Perform an incident investigation
  • Understand the recovery process
  • Understand continuous security monitoring and how to implement a vulnerability management strategy
  • Perform log analysis to identify suspicious activities

Course Outline

Security Posture

  • The current threat landscape
  • Cybersecurity challenges
  • Enhancing your security posture
  • The Red and Blue Team

Incident Response Process

  • Incident response process
  • Handling an incident
  • Post-incident activity
  • Incident response in the cloud

Understanding the Cybersecurity Kill Chain

  • External reconnaissance
  • Access and privilege escalation
  • Exfiltration
  • Sustainment
  • Assault
  • Obfuscation
  • Threat life cycle management


  • External reconnaissance
  • Internal reconnaissance
  • Conclusion of the reconnaissance chapter

Compromising the System

  • Analyzing current trends
  • Phishing
  • Exploiting a vulnerability
  • Zero-day
  • Performing the steps to compromise a system

Chasing a User’s Identity

  • Identity is the new perimeter
  • Strategies for compromising a user’s identity
  • Hacking a user’s identity

Lateral Movement

  • Infiltration
  • Performing lateral movement

Privilege Escalation

  • Infiltration
  • Avoiding alerts
  • Performing privilege escalation
  • Conclusion and lessons learned

Security Policy

  • Reviewing your security policy
  • Educating the end user
  • Policy enforcement
  • Monitoring for compliance

Network Segmentation

  • Defense in depth approach
  • Physical network segmentation
  • Securing remote access to the network
  • Virtual network segmentation
  • Hybrid cloud network security

Active Sensors

  • Detection capabilities
  • Intrusion detection systems
  • Intrusion prevention system
  • Behavior analytics on-premises
  • Behavior analytics in a hybrid cloud

Threat Intelligence

  • Introduction to threat intelligence
  • Open source tools for threat intelligence
  • Microsoft threat intelligence
  • Leveraging threat intelligence to investigate suspicious activity

Investigating an Incident

  • Scoping the issue
  • Investigating a compromised system on-premises
  • Investigating a compromised system in a hybrid cloud

Recovery Process

  • Disaster recovery plan
  • Live recovery
  • Contingency planning
  • Best practices for recovery 

Vulnerability Management

  • Creating a vulnerability management strategy
  • Implementation of vulnerability management
  • Best practices for vulnerability management
  • Implementing vulnerability management with Nessus
Subscribe now

Get new class alerts, promotions, and blog posts