What is FOR500?

Master Windows Forensics - “You Can’t Protect What You Don’t Know About.”

All organizations must prepare for cyber-crime occurring on their computer systems and within their networks.

Demand has never been greater for analysts who can investigate crimes such as fraud, insider threats, industrial espionage,

employee misuse, and computer intrusions. Government agencies increasingly require trained media exploitation specialists to

recover vital intelligence from Windows systems. To help solve these cases, SANS is training a new cadre of the world’s best digital forensic professionals,

incident responders, and media exploitation experts capable of piecing together what happened on computer systems second by second.

FOR500: Windows Forensic Analysis focuses on building in-depth digital forensics knowledge of Microsoft Windows operating systems.

You can’t protect what you don’t know about, and understanding forensic capabilities and artifacts is a core component of

information security. You will learn how to recover, analyze, and authenticate forensic data on Windows systems,

track particular user activity on your network, and organize findings for use in incident response, internal investigations,

and civil/criminal litigation. You will be able to use your new skills to validate security tools, enhance vulnerability assessments,

identify insider threats, track hackers, and improve security policies. Whether you know it or not, Windows is silently recording

an unbelievable amount of data about you and your users. FOR500 teaches you how to mine this mountain of data.

this notes summary of for500