This course is aimed at enabling immediate response by security practitioners, who shoulder immense responsibility for responding to security incidents, security triage, security detection, response and remediation.
The Intrusion Detection & Response course is a 30-hour course and can be attended on campus or online.
» Introduction to Incident Response
» Introduction to Incident Investigation
» Investigation Techniques
» Incident Investigation Preparation
» Detection & Reporting
» Triage & Analysis
» Essential Incident Forensics
» Incident Containment
» Post Incident Response
This course is designed for graduate freshers who are looking for a successful career in cyber security, and for IT professionals who want to understand key IT security issues and how best to address them. The course will also be of benefit to IT systems analysts, designers and software developers. This course will be suitable for delegates interested in the SANS Institute course SEC401: Security Essentials.
Network Security Foundation and Security Fundamentals are essential prerequisites for this course.
Security incident response principles
Understand the commercial impact of a security incident
Incident response plans
Computer incident response team (CIRT)
Incident investigation techniques
Security responders – key skills
First responder people vs process
Business continuity trade-offs
Detection & reporting
Triage & analysis
Containment
Post incident response
Policies
Communication standards
Open source & threat intelligence
Proactive response measures
Detect techniques
Deter techniques
Defend techniques
Reporting
Security assessment techniques
Network security assessments
Network security analysis
Evidential impact of a security assessment
Chain of custody
Legal principles and responsibilities techniques
Forensic artefacts
Forensic analysis
Describe the purpose of incident containment
Challenges of incident containment
Supply chain security
Testing containment solutions
Internal communications
External communications
Reporting requirements
Reporting forensic findings