Download Interent ExplorerDownload Apple SafariDownload OperaDownload FirefoxDownload Google Chrome

Incident Response Training

Incident Response Training

Incident Response Training:

Incident Response Training Course with detailed hands-on labs

ENO offers this hands-on Incident Response Training course that covers the essential information you need to know in order to properly detect, contain and mitigate security incidents. Security incidents are a way of life in the modern world, and how organizations respond to them makes a massive difference in how much damage is ultimately done. In this 5-day course, you learn the ins and outs of incident response, as well as the tools of the trade used by incident responders on a daily basis.

This Incident Response Training course from ENO helps you fully understand how systems are compromised and what traces are left behind by attackers on the network, on disk, and in volatile memory. The Incident Response and Network Forensics course addresses cutting-edge attack vectors as well as tried and true methods for compromise. You leave the 5-day Incident Response Training course with the knowledge of how to prevent incidents and the skills to defend against a security incident if it does happen.

What’s Included

  • 5 days of Incident Response Training with an expert instructor
  • Incident Response Electronic Student Course Guide
  • 100% Satisfaction Guarantee
  • Exam Pass Guarantee


Related Courses

Customize It:

  • If you are familiar with some aspects of Incident Response Training, we can omit or shorten their discussion.
  • We can adjust the emphasis placed on the various topics or build the Incident Response course around the mix of technologies of interest to you (including technologies other than those included in this outline).
  • If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Incident Response course in a manner understandable to lay audiences.


After completing this course, attendees will be able to:

  • The Incident Response Process
  • Event/Incident Detection
  • Sources of Network Evidence
  • TCP Reconstruction
  • Flow Analysis
  • Log Analysis
  • Firewall log Investigation
  • Log Aggregation
  • Network Artifact Discovery
  • DNS Forensics and Artifacts
  • NTP Forensics and Artifacts
  • HTTP Forensics and Artifacts
  • HTTPS and SSL Analysis
  • FTP and SSH Forensics
  • Email Protocol Artifacts
  • Wireless Network Forensics

Course Outline:

  • Constructing your Live Incident Response Toolkit
  • Perform Vulnerability Analysis
  • The Incident Management Knowledge base
  • Timeline Analysis
  • Triage & Analysis
  • Volatile Data Sources and Collection
  • Identify Rogue Processes
  • Volatility Walkthrough
  • Defensive review and recommendations
  • Improving defenses
  • Secure credential changing process and monitoring
  • Increased monitoring period – when and how long
  • Validate the system.
  • Enable constituents to protect their assets and/or detect similar incidents.
  • Report and coordinate incidents with appropriate external organizations
  • CSIH Domains


Whether you are looking for general information or have a specific question, we want to help!

Request More Information

    Time frame: