Investigation Discovery: Forensics Tools Edition
Date of Workshop
July 13, 2019
General Level Descriptions
Level 100 courses are designed for students with little to no previous IT Security experience, or no experience in the topic(s) being covered. These courses are meant to be introductory level, or provide the training for entry level certifications.
Level 200 courses are designed for students with some security experience, looking to advance or learn in new topics.
Level 300 courses are designed to offer expert level courses and training on specific topics. Typically, a general understanding and knowledge of the topic being presented is an expected prerequisite.
In this workshop we will use various forensics tools to examine evidence of a host machine involved in a breach.
Objectives – What You Will Leave Knowing
How to use forensics tools such as FTK Imager, Volatility, and Wireshark when conducting an "investigation" of a breach.
Knowledge of command line
Knowledge of Linux
Virtual machine environment configured and ready to go
Agenda for Training
12-1: Lunch/Set-up (onsite only)
1-4: Workshop time
4-5: Q&A, wrap-up
Laptop with virtualization capability and at least 4 GB of RAM (8 GB preferred)
VirtualBox VM player
Kali Linux (note that there is a prebuilt version for VirtualBox available on the Kali site)
You can still participate in this workshop as an observer if you do not have a computer available.
Members (Full, Student, Military) - $100 [Early Bird Discount - 40%]
Non-Members - $150 [Early Bird Discount - 40%]
Associate and Remote participants - $35 [Remote meeting starts at 1 pm]
Marcelle Lee is a security researcher with White Ops, an adjunct professor in digital forensics and network security, and she is also co-founder of Fractal Security Group, LLC. She specializes in network traffic analysis, malware analysis, and threat hunting. She is involved with many industry organizations, working groups, and boards, including the Women’s Society of Cyberjutsu, the NIST Cyber Competitions Working Group, and the Cybersecurity Association of Maryland Advisory Board. She also both builds and participates in cyber competitions, and shares her work through her GitHub site, https://marcellelee.github.io/. Marcelle has earned the CISSP, CSX-P, GCFA, GCIA, GCIH, GPEN, GISF, GSEC, GCCC, C|EH, CCNA, PenTest+, Security+, Network+, and ACE industry certifications. She holds four degrees, including a master’s degree in cybersecurity. She has received the Chesapeake Regional Tech Council Women in Tech (WIT) Award and the Volunteer of the Year award from the Women’s Society of Cyberjutsu. Marcelle frequently presents at conferences and training events, and is an active volunteer in the cybersecurity community.
Social Media:
www.linkedin.com/in/marcellelee
www.twitter.com/marcelle_fsg