Intrusion Detection & Incident Response

3 Day Course
Hands On
Code QASOCRESP

This course has been retired. Please view currently available Cyber Security Training Courses.

Modules

Introduction to Incident Response (4 topics)

  • Security incident response principles
  • Understand the commercial impact of a security incident
  • Incident response plans
  • Computer incident response team (CIRT)

Introduction to Incident Investigation (4 topics)

  • Incident investigation techniques
  • Security responders - key skills
  • First responder people vs process
  • Business continuity trade-offs

Investigation Techniques (4 topics)

  • Detection & reporting
  • Triage & analysis
  • Containment
  • Post incident response

Incident Investigation Preparation (4 topics)

  • Policies
  • Communication standards
  • Open source & threat intelligence
  • Proactive response measures

Triage & Analysis (4 topics)

  • Security assessment techniques
  • Network security assessments
  • Network security analysis
  • Evidential impact of a security assessment

Essential Incident Forensics (4 topics)

  • Chain of custody
  • Legal principles and responsibilities
  • Forensic artefacts
  • Forensic analysis

Incident Containment (4 topics)

  • Describe the purpose of incident containment
  • Challenges of incident containment
  • Supply chain security
  • Testing containment solutions

Post Incident Response (4 topics)

  • Internal communications
  • External communications
  • Reporting requirements
  • Reporting forensic findings

Prerequisites

Network Security Foundation and Security Fundamentals are essential prerequisites for this course.
