Incident Response

This class was created by Brainscape user Arturo Mendoza Jr.. Visit their profile to learn more about the creator.

Decks in this class (24)

Section 1.1: Incident Response & Threat Hunting
Define breakout time in 2019 crow...,
What are nation state actors,
Overview the six step process in ...
21  cards
Section 1.2: Threat Intelligence
What is ttp,
What is the attack cycle like,
What steps are inside the cyber k...
24  cards
Section 1.3: Malware-ology
What is the malware paradox,
What are the three compromise types,
Define endpoint detection and res...
12  cards
Section 1.4: Malware Persistence
Name the persistence mechanisms m...,
What persistence mechanisms resid...,
What are autostart extension poin...
36  cards
Section 1.5: Hunting Across the Enterprise
Name the three types of scripting...,
What is the name of the script po...,
What is powershell s transfer pro...
13  cards
Section 1.6: Credential Theft
Methods used to detect signs of a...,
Is it rare for a system s local a...,
Describe the security microsoft i...
50  cards
Section 2.1: Intrusion Analysis: Evidence of Execution
Name two ways credential theft ca...,
What is windows prefetch,
What information does each prefet...
29  cards
Section 2.2: Intrusion Analysis: Event Log Analysis
What are the event log name files...,
Aawa,
What is the registry location to ...
65  cards
Section 2.3: Intrusion Analysis: Lateral Movement Tactics
Name 2 methods of lateral movemen...,
Registry locations to analyze sou...,
Filesystem locations to track rdp...
50  cards
Section 2.4: Intrusion Analysis: Command Line, Powershell, and WMI Analysis
Its not always than an enterprise...,
What are the application event lo...,
Where can i find wer files what c...
29  cards
Section 3.1: Enterprise and Remote Analysis
What is kape,
What is remote access,
What is an remote analysis agent
12  cards
Section 3.2: Why Memory Forensics?
Why investigate ram,
Three exclusive things that only ...
2  cards
Section 3.3: Acquiring Memory
Tools to collect live memory from...,
Dead memory system files and wher...,
When considering getting hibernat...
11  cards
Section 3.4: Introduction to Memory Analysis
How does memory forensics differ ...,
Describe the kernel debugger data...,
What is another alternative to fi...
43  cards
Section 3.5: Injection, Rootkits, & Extraction
Why adversaries use code injection,
Why would adversary migrate from ...,
What was the emotet malware
41  cards
Section 4.1: Malware Discovery
Name the four tools used to detec...,
Describe how to use yara and how ...,
What is densityscout and what doe...
7  cards
Section 4.2: Timeline Analysis Overview
What is the forensic trinity insi...,
For locations in timeline analysi...,
Locations in timeline analysis to...
23  cards
Section 4.3: Filesystem Timeline Creation and Analysis
Name the four windows ntfs timest...,
What time formats does ntfs and f...,
What timestamps are updated if a ...
11  cards
Section 4.4: Super Timeline & Analysis
How does the log2rimelinepy tool ...,
What is the purpose of the pinfo ...,
What is the purpose of the psort ...
11  cards
Section 5.1: Anti-Forensics Overview
What is the general use of anti f...,
Anti forensic techniques that hap...,
Anti forensics techniques that ha...
4  cards
Section 5.2: Recovery of Deleted Files via VSS
What is the volumne shadow copy s...,
Where can i find the files that a...,
How does the volumne shadow copy ...
17  cards
Section 5.3: Advanced NTFS Filesystem Tactics
Ntfs features to be aware of,
Explain the change tracking featu...,
Explain the acceas control featur...
58  cards
Section 5.4: Advanced Evidence Recovery
Name the four wiping tools advers...,
What is sdelete and how can i tra...,
Bcwipe features specifically for ...
23  cards
Section 5.5: Defensive Countermeasures
How can i increase the space to s...,
What can i do to create more snap...,
Which executables should be monit...
5  cards

More about
Incident Response

  • Class purpose General learning

Learn faster with Brainscape on your web, iPhone, or Android device. Study Arturo Mendoza Jr.'s Incident Response flashcards now!

How studying works.

Brainscape's adaptive web mobile flashcards system will drill you on your weaknesses, using a pattern guaranteed to help you learn more in less time.

Add your own flashcards.

Either request "Edit" access from the author, or make a copy of the class to edit as your own. And you can always create a totally new class of your own too!

What's Brainscape anyway?

Brainscape is a digital flashcards platform where you can find, create, share, and study any subject on the planet.

We use an adaptive study algorithm that is proven to help you learn faster and remember longer....

Looking for something else?

MIIM20002 - Microbes, Infections, Res...
  • 32 decks
  • 1542 flashcards
  • 34 learners
Decks: Lectures 7 8 9 Gastroenteritis, Lecture 10 Gastroenteritis Epidemiology, Lecture 11 Manipulating The Immune Respo, And more!
GCSE Citizenship: Rights and responsi...
  • 41 decks
  • 1016 flashcards
  • 530 learners
Decks: Chapter 1 The Fundamental Principles Of, Chapter 1 Rules And Laws, Chapter 1 Rights In Local To Global Situ, And more!
Professional Responsibility
  • 11 decks
  • 277 flashcards
  • 209 learners
Decks: Coverage Of The Virginia Bar, The Duty Of Confidentiality To Your Clie, The Duty Of Loyalty To Your Client Confl, And more!
Professional Responsibility - Summer ...
  • 26 decks
  • 652 flashcards
  • 8 learners
Decks: Introduction Morals V Ethics Basics On T, The Legal Profession History And Diversi, Professional Discipline And Enforcement, And more!
Make Flashcards