
Course Catalog


Malicious Code Analysis

95-759

Units: 6

Description

The ability to develop well-instrumented networks, policies, and processes is directly correlated to one's understanding of malicious code, such that it has become a requisite for any decision maker operating within a modern enterprise. Just as necessary is the ability to effectively consume and produce actionable intelligence on malicious code. This course aims to provide students with a deeper understanding of the various tactics, techniques, and procedures found when analyzing malware. Students will also develop an appreciation for the technical challenges presented by malware and how to employ strategic detections and mitigations to meet today’s threat.

Learning Outcomes

Heinz College is a unique place where policy and tech come together, and there is a significant gap in industry between those capable of reversing malicious code and those operating in a managerial capacity to effect change with those results. The outlined course will serve as a bridge to bring these two worlds closer together and afford a better understanding of associated challenges.

Without an understanding of malicious code, the risk it poses to an organization, and the techniques used to undermine traditional defense measures, decision makers are ill-equipped to meet threats from state-sponsored and criminal elements. By taking this course, future leaders are provided a better understanding of adversary tradecraft and how to effectively drive their people, process, and technology to meet modern threat actors.

Prerequisites Description

There are no course prerequisites. However, students are expected to have a working knowledge of both Windows and Linux operating systems. Students are also required to be proficient in at least one programming language.

Students will need to be able to perform basic troubleshooting exercises for their lab environment in Windows/Linux environments and should be able to install software via a standalone executable, software repository, or from source code as needed. An understanding of basic command line syntax for both Windows and Linux platforms, such as navigating directories and creating, editing, and removing files, is required.

Students are expected to understand basic networking principles to set up a virtual environment between Linux and Windows virtual machines on a virtual network. 

Students will be required to be comfortable enough in a programming language to understand how to interpret API documentation, perform basic file I/O operations, do basic work with binary data streams, and install/integrate third-party modules.

Syllabus

