Level: Foundation

FireEye Enterprise Incident Response with MIR

2 Day | Instructor Led

This two-day instructor-led course provides an introduction to using Mandiant for Intelligent Response (MIR) as an incident response tool. Labs take students through a breach, teaching how to perform sweep hit analysis, build live response scripts, basic unknown binary analysis, and basic Indicator of Compromise (IOC) creation.

Inquire About
FireEye Enterprise Incident Response with MIR

Ideal Candidates for FireEye Enterprise Incident Response with MIR Class

Network security professionals and incident responders.

FireEye Enterprise Incident Response with MIR Prerequisites

Students should have a working understanding of networking and network security, the Windows OS, file system, registry, and use of the CLI.

What You'll Get in FireEye Enterprise Incident Response with MIR

What You'll Learn in FireEye Enterprise Incident Response with MIR

No Certification Test Available For This Course

No Certification Test Available For This Course

FireEye Enterprise Incident Response with MIR Outline

  1. MIR Core Concepts
    • Incident types and incident response requirements
    • MIR basics: architecture, sweeps, scripts, jobs, and IOCs
  2. Sweeping
    • Building sweeps
    • Tuning monthly sweeps
    • Hit review
  3. Binary Analysis
    • FireEye AX
    • Strings analysis
  4. Live Response
    • Live response methodology
    • Live response audit scripts
    • Interpreting live response data Pivoting / Searching
  5. IOCs
    • IOC architecture within MIR Building IOCs
    • Testing IOCs
    • Sweeping with custom IOCs


A. Erlich


I just wanted to say your presentation on Social Media Technology and Security was the finest I have ever attended.

Wilder Guerra

US Navy Reserve

This course is definitely an eye opener. With how much social media has taken over, it is important to be fully aware of the capabilities along with all the risks it brings. It is important to get this course because social media is the new norm.

Rebekah Coughlin


The Social Media and Security Training course offered by UKI is a great and beneficial course combining technical training to fully understand TCP IP networking, DNS, and the harms of malware and cross-site scripting; as well as practical training that allowed attendees to play with open source social intelligence gathering solutions. This is the perfect class for those involved in IT security and interested in social media and identity theft.

Top Related Courses

Cyber Vanguard Series- Cyber Storm Assault Tactics

All actions in war, regardless of the level, are based upon either taking the initiative or reacting in response to the opponent. By taking the initiative, we dictate the terms of the conflict and force the enemy to meet us on our terms. The initiative allows us to pursue some positive aim even if only to preempt an enemy initiative. It is through the initiative that we seek to impose our will on the enemy.

Cyber Vanguard Series-Cyber Strike

Cyber Vanguard Series - Cyber Strike takes the offensive and defensive assault tactics and applies them in several different real world scenarios. The entire course is hands on and builds upon the skills and knowledge the students have previously received. Applications include Offensive only - Hunt Teaming, Data Harvesting, and Asset Extraction, Defensive Only – Defending Your Assets, Setting Active Intrusion Systems, Vulnerability Assessment and Remediation, and Offensive and Defensive – Capture the Flag, where teams are pitted against each other to protect their own resources while attacking the opposing team.

CompTIA Network+ (N10-006)

CompTIA's Network+ is the premier vendor-neutral networking certification and is included in the approved list of certifications to meet DoD Directive 8570.1 requirements. This course uses Official CompTIA Approved Quality Content, which assures that all test objectives are covered in the training material.

© 2018 Ultimate Knowledge Insitute | All Rights Reserved | GSA# GS-35F-0469W