Course: Intrusion Detection & Incident Response


Duration: 30 Hours


About this course:

        This course is aimed at security practitioners who shoulder the responsibility for responding to security incidents: detection, triage, response and remediation.

        Intrusion Detection & Incident Response is a 30-hour course and can be attended on campus or online.


Contents of the course include:

          » Introduction to Incident Response

          » Introduction to Incident Investigation

          » Investigation Techniques

          » Incident Investigation Preparation

          » Detection & Reporting

          » Triage & Analysis

          » Essential Incident Forensics

          » Incident Containment

          » Post Incident Response


Target Audience:

                   This course is designed for recent graduates looking for a successful career in cyber security, and for IT professionals who want to understand key IT security issues and how best to address them. It will also benefit IT systems analysts, designers and software developers, and is suitable for delegates interested in the SANS Institute course SEC401: Security Essentials.


Prerequisites:

                  Network Security Foundation and Security Fundamentals are essential prerequisites for this course.


Course Outline:
Module 1 Introduction to Incident Response

           Security incident response principles

           Understand the commercial impact of a security incident

           Incident response plans

           Computer incident response team (CIRT)


Module 2 Introduction to Incident Investigation

           Incident investigation techniques

           Security responders – key skills

           First responder people vs process

           Business continuity trade-offs


Module 3 Investigation Techniques

           Detection & reporting

           Triage & analysis

           Containment

           Post incident response


Module 4 Incident Investigation Preparation

           Policies

           Communication standards

           Open source & threat intelligence

           Proactive response measures


Module 5 Detection & Reporting

           Detect techniques

           Deter techniques

           Defend techniques

           Reporting


Module 6 Triage & Analysis

           Security assessment techniques

           Network security assessments

           Network security analysis

           Evidential impact of a security assessment


Module 7 Essential Incident Forensics

           Chain of custody

           Legal principles and responsibilities

           Forensic artefacts

           Forensic analysis


Module 8 Incident Containment

           Purpose of incident containment

           Challenges of incident containment

           Supply chain security

           Testing containment solutions


Module 9 Post Incident Response

           Internal communications

           External communications

           Reporting requirements

           Reporting forensic findings


Delivery method: Classroom / Attend from Anywhere