The concept of the IACIS intrusion investigation training class was born when one of the instructors retired from law enforcement and started working Incident Response consulting.\u00a0 He quickly realized that there were gaps in his forensic knowledge that hindered his ability to quickly and accurately support corporate clients who were victims of a cyber intrusion (\u201cimaging a shutdown Windows system is easy, but what\u2019s ESXi and how do I get an image out of it?\u201d).\u00a0 These gaps were further highlighted when LE peers asked for advice or recommendations for training or skill development. A list of primary functional skills was developed and provided to peers wanting to update or improve their skills in the IR arena. Unfortunately, there wasn\u2019t any single class that covered most of these skills, much less all of them.\u00a0 So, it was decided to develop a one-week class, which quickly turned into a two-week class that focused on providing investigative functionality in most of these skill areas.\u00a0 This class became the IACIS Cyber Incident Forensic Response (CIFR) class, which focuses on teaching the combined lists of investigation concepts.\u00a0 While the class doesn\u2019t make a student an expert in all these areas, the level of training is deep and broad enough so the student understands the concepts and processes and can competently apply them to an investigation.\u00a0 The intent is to provide \u201ca 12-inch deep and a mile wide\u201d approach to a broad range of investigation skills, vs. having to spend many thousands of dollars for 5 days on an \u201cinch wide and an unnecessary mile deep\u201d single topic, then many thousands of dollars for 5 days on yet another single topic.<\/p>\n
CIFR uses a real network environment in the classroom to simulate a corporate network, integrating actual network and domain architecture into the instruction to increase realism. Students interact with Windows and Linux VMs in the class and are shown how their actions are presented at the local, domain, and SIEM logging levels. The class has a large number of labs, based on a belief the student learns better by doing the task vs reading about the task in bullets on a slide presentation.<\/p>\n
The typical class attendees include:<\/p>\n
Throughout the 2- week class, students will cover topics and lab exercises that include:<\/p>\n
The first week ends with two log analysis labs drawn from real-world incidents.<\/p>\n
The second week ends with the students witnessing an attack, with a walkthrough of the attack process and the resulting intrusion or malware artifacts.\u00a0 Students then acquire RAM and a system image across the classroom network and spend Friday analyzing the RAM, image, and malware from the attack. Click here to view Schedule<\/a><\/p>\n WHEN<\/u><\/strong>:\u00a0\u00a0April 28 – May 9, 2025<\/strong><\/p>\n COST<\/u><\/strong>: $3,695.00 US Dollars <\/strong><\/p>\n EQUIPMENT<\/u><\/strong>: Classroom laptops will be given to the students to take home and keep. <\/strong><\/p>\n COURSE SCHEDULE<\/span><\/a><\/span><\/strong><\/p>\n CORE COMPETENCIES<\/span><\/a><\/span><\/strong><\/p>\n REGISTRATION<\/b><\/span>: NOW OPEN For non-IACIS members, the membership fee is waived with the purchase of the training course; however, to register for the course you must complete a membership application at the time of purchase. Purchase training course HERE<\/span><\/a>.<\/span><\/span><\/p>\n <\/p>\n Registration is still open, however, payment is expected at the time you register. If you need to make other arrangements, please contact Debbie.plamondon@iacis.com<\/a>. Thank you for your cooperation. We appreciate it.<\/strong><\/p>\n Cancellations within 45 days from the start of class to 31 days from the start of class will be subject to a $150 cancellation fee. There will be no refunds within 30 days from the start of class.****<\/span>\u00a0<\/span><\/p>\n * On-Site Check-in Times (student pickup of equipment, ID card, IACIS info) are:<\/strong><\/p>\n \u00a0\u00a0 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u00a0Sunday, April 27, 2025: 1800 \u2013 2000<\/strong><\/p>\n \u00a0\u00a0 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Monday, April 28, 2025: 0700 \u2013 0800<\/strong><\/p>\n * Please make arrangements to arrive in time to check-in so that you may be in class promptly on the first day.<\/p>\n COURSE NOTES<\/u><\/strong>:<\/strong><\/p>\n Please read the following notes regarding this class:<\/p>\n HOTEL BOOKING<\/span><\/b>:\u00a0<\/span><\/b><\/p>\n The course will be taught at the <\/span>Caribe Royale Orlando<\/span><\/a>, <\/span>8101 World Center Drive, Orlando, Florida 32821 (USA).<\/span><\/b>\u202f This hotel is 16 miles from the Orlando International Airport, it has a large pool, spacious workout facility and is close to Disney World and Universal Studios.<\/span>\u00a0<\/span><\/p>\n
\n<\/span><\/span><\/b>Existing IACIS members, simply log in with your credentials and go to the Products<\/span><\/a> page<\/span> to purchase and register for the course.<\/span>\u00a0<\/span><\/p>\n\n