Maxtrain.com - info@maxtrain.com - 513-322-8888 - 866-595-6863
Certified Incident Handler Engineer On-Demand
Description
Certified Incident Handler Engineer On-Demand Introduction
The Certified Incident Handler Engineer (C)IHE On-Demand course is designed for IT and cybersecurity professionals, including Penetration Testers, Security Administrators, and Active Directory Administrators. This flexible, self-paced course allows learners to master incident handling at their convenience, making it an ideal choice for busy professionals.
Participants will dive into essential topics such as the foundational principles of incident handling, strategic policy formulation, and effective team coordination.
The course provides a thorough exploration of detection and analysis methodologies, employing tools like GRR Rapid Response and Request Tracker. It also covers post-incident activities, emphasizing coordination and information sharing to enhance organizational resilience against cyber threats.
The inclusion of practical lab exercises ensures that learners can apply theoretical knowledge to real-world scenarios, bridging the gap between learning and practical application. This hands-on approach is critical for developing the skills necessary to manage cybersecurity incidents effectively and secure a career in this ever-evolving field.
Certified Incident Handler Engineer On-Demand Course Objectives
- Prepare for and pass the Certified Incident Handling Engineer (CIHE) exam.
- Acquire knowledge of common attack techniques, vectors, and hacker tools.
- Learn to plan, create, and utilize systems effectively to prevent, detect, and respond to security breaches.
- Gain a deep understanding of the incident response process and the significance of incident response teams.
- Develop incident response policies, plans, and procedures.
- Explore various aspects of incident handling, from detection and analysis to containment, eradication, and recovery.
- Benefit from hands-on labs and scenarios covering both Windows and Linux systems.
Prerequisites
- 12 months of experience with network technologies
- Sound knowledge of networking and TCP/IP
- Linux knowledge is essential.
Audience
- Penetration Testers
- Microsoft Administrators
- Security Administrators
- Active Directory Administrators
- Anyone looking to learn more about security
Certified Incident Handler Engineer On-Demand Outline
Introduction to Incident Handling
- What is an incident?
- What is Incident Handling?
- Difference between Incident Handling (IH) and Incident Response (IR)
- The Incident Response Process
- Building an Effective Incident Response Team
Incident Response Policy, Plan, and Procedure Creation
- Incident Response Policy
- Incident Response Plan
- Incident Response Procedures
- Sharing Information with Outside Parties
Incident Response Team Structure
- Team Models
- Team Model Selection
- Incident Response Personnel
- Dependencies within Organizations
Incident Response Team Services
- Intrusion Detection
- Advisory Distribution
- Education and Awareness
- Information Sharing
Incident Response Recommendations
- Establishing a Formal Incident Response Capability
- Information Sharing Capabilities
- Building an Incident Response Team
Preparation
- Tools and Toolkits
- Policy
- Procedures
- Preventing Incidents
Detection and Analysis
- Attack Vectors
- Signs of an Incident
- Sources of Precursors and Indicators
- Incident Analysis
- Incident Documentation
- Incident Prioritization
- Incident Notification
Containment, Eradication, and Recovery
- Containment Strategies
- Evidence Gathering and Handling
- Identifying Attacking Hosts
- Eradication and Recovery Processes
GRR Rapid Response
- Introduction to GRR
- Installing GRR Server
- Deploying GRR Clients
- Investigating with GRR
Request Tracker for Incident Response
- Using Request Tracker
- Request Tracker for Incident Response
Post-Incident Activity
- Lessons Learned
- Using Collected Incident Data
- Evidence Retention
Incident Handling Checklist
- Building Checklists
Incident Handling Recommendation
- Recommendations
Coordination and Information Sharing
- Coordination Techniques
- Information Sharing Techniques
Detailed Lab Outline
- Identifying Incident Triggers
- Drafting Incident Response Procedures
- Identifying and Planning for Dependencies
- Testing Plans and Implementing Feedback Loops
- Drafting General Security Policies
- Practicing Different Attack Vectors
- Deploy GRR Client and Gather Evidence
- Creating Request Tracker Workflow
- Lessons Learned and Documentation
- Creating an Incident Handling Checklist
- Drafting Incident Response Recommendations
- Sharing Agreements and Reporting Requirements
$1095.00