Introduction to Malware Forensics [WBT]

Version 6

    Courses cannot be purchased or accessed from this site. If you would like to register for this course, please contact your FireEye account manager.

    This 8-hour web-based training (WBT) course provides instruction on the steps to investigate a Windows system to determine if it is infected with malware.


    You will learn:

    • how computer forensics practitioners preserve the state of the system or data being examined
    • what tools they use to examine a system and build a timeline of events
    • common malware attachment points in the Windows operating system



    1. Initial Incident Response Processes and Preservation of Evidence
    2. Preserving Memory
    3. Creating and Preserving Disk Images
    4. Common Methods of Malware
    5. Investigative Techniques
    6. Reporting



    Eight hours. The course does not need to be completed in a single sitting.


    Browser requirements

    This course requires Flash Player.



    Please contact your FireEye account manager for details.