Introduction:
Incident Response Training Course with detailed hands-on labs
ENO offers this hands-on Incident Response Training course that covers the essential information you need to know in order to properly detect, contain and mitigate security incidents. Security incidents are a way of life in the modern world, and how organizations respond to them makes a massive difference in how much damage is ultimately done. In this 5 day course, you learn the ins and outs of incident response, as well as the tools of the trade used by incident responders on a daily basis.
This Incident Response Training course from ENO helps you fully understand how systems are compromised and what traces are left behind by attackers on the network, on disk, and in volatile memory. The Incident Response and Network Forensics course addresses cutting edge attack vectors as well as tried and true methods for compromise. You leave the 5 day Incident Response Training course with the knowledge of how to prevent incidents and the skills to defend against a security incident if it does happen.
Duration: 5 days
Related Courses
- Intrusion Prevention Training
- Advanced Computer Forensics Training
- Advanced Ethical Hacking Training
- Advanced Reverse Engineering Malware Training
- Cybersecurity Foundations Training
- Cyber Threats Detection and Mitigation Training
- DATA Recovery Training
- Ethical Hacking Training | CEH Training
- Fundamentals of Information Security Training
Customize It:
• If you are familiar with some aspects of Incident Response Training, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the Incident Response Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Incident Response Training course in manner understandable to lay audiences.
Objectives:
After completing this course, attendees will be able to:
• The Incident Response Process
• Event/Incident Detection
• Sources of Network Evidence
• TCP Reconstruction
• Flow Analysis
• NIDS?NIPS
• Log Analysis
• Firewall log Investigation
• Log Aggregation
• Network Artifact Discovery
• DNS Forensics and Artifacts
• NTP Forensics and Artifacts
• HTTP Forensics and Artifacts
• HTTPS and SSL Analysis
• FTP and SSH Forensics
• Email Protocol Artifacts
• Wireless Network Forensics
Course Outline:
• Constructing your Live Incident Response Toolkit
• Perform Vulnerability Analysis
• The Incident Management Knowledge base
• Timeline Analysis
• Triage & Analysis
• Volatile Data Sources and Collection
• Identify Rogue Processes
• Volatility Walkthrough
• Defensive review and recommendations
• Improving defenses
• Secure credential changing process and monitoring
• Increased monitoring period – when and how long
• Validate the system.
• Enable constituents to protect their assets and/or detect similar incidents.
• Report and coordinate incidents with appropriate external organizations
• CSIH Domains
Labs
Whether you are looking for general information or have a specific question, we want to help!
Request More Information
