Maxtrain.com - info@maxtrain.com - 513-322-8888 - 866-595-6863
Certified Incident Handler Engineer
Description
Certified Incident Handler Engineer C)IHE Introduction
Dive into the realm of cybersecurity with the Certified Incident Handler Engineer (C)IHE course, tailored for IT professionals aiming to enhance their skills in handling and mitigating cybersecurity threats.
This course is designed for a broad audience, including Penetration Testers, Security and Network Administrators, and those looking to specialize in cybersecurity.
Gain critical knowledge and hands-on experience as you explore essential security practices and advanced defense strategies.
The course covers extensive topics from conducting in-depth reconnaissance and vulnerability assessments using tools like Nessus, to mastering network sniffing and advanced web application exploitation. Participants will tackle real-world scenarios in both Windows and Linux settings, engaging in over 20 hours of intensive, hands-on labs focused on developing skills for identifying, responding to, and recovering from security incidents.
Prepare to transform into a proficient incident handler capable of navigating the complex challenges of the cybersecurity landscape. This course will not only boost your technical capabilities but also position you effectively within the cybersecurity field.
Certified Incident Handler Engineer Course Highlights
- Accredited by the NSA’s CNSS 4011-4016.
- Approved by Homeland Security NICCS training schedule.
- Included on the FBI’s preferred cybersecurity certification requirements.
- Aligned with the Department of Defense 8140 Initiative.
- The CIHE exam consists of 100 multiple-choice questions and takes approximately 2 hours.
- Minimum passing grade of 70% for certification.
Prerequisites
- 12 months of experience with network technologies
- Sound knowledge of networking and TCP/IP
- Linux knowledge is essential.
Audience
- Penetration Testers
- Microsoft Administrators
- Security Administrators
- Active Directory Administrators
- Anyone looking to learn more about security
Certified Incident Handler Engineer Outline
Incident Handling Explained
- What is an incident?
- What is Incident Handling?
- Difference between Incident Handling and Incident Response
- The Incident Response Process
- Reasons for an Incident Response Plan
- Building an Effective Incident Response Team
Incident Response Policy, Plan, and Procedure Creation
- Incident Response Policy
- Incident Response Plan
- Incident Response Procedures
- Sharing Information with Outside Parties
Incident Response Team Structure
- Team Models
- Team Model Selection
- Incident Response Personnel
- Dependencies within Organizations
Incident Response Team Services
- Intrusion Detection
- Advisory Distribution
- Education and Awareness
- Information Sharing
Incident Response Recommendations
- Establishing a Formal Incident Response Capability
- Establishing Information Sharing Capabilities
- Building an Incident Response Team
Preparation
- Tools and Toolkits
- Policy
- Procedures
- Preventing Incidents
Detection and Analysis
- Attack Vectors
- Signs of an Incident
- Sources of Precursors and Indicators
- Incident Analysis
- Incident Documentation
- Incident Prioritization
- Incident Notification
Containment, Eradication, and Recovery
- Containment Strategy
- Gathering and Handling Evidence
- Identifying Attacking Hosts
- Eradication and Recovery
GRR Rapid Response
- Introduction to GRR
- Installing GRR Server
- Deploying GRR Clients
- Investigating with GRR
Request Tracker for Incident Response
- Introduction to Request Tracker
- Using Request Tracker for Incident Response
Post-Incident Activity
- Lessons Learned
- Using Collected Incident Data
- Evidence Retention
Incident Handling Checklist
- Building Checklists
Incident Handling Recommendation
- Recommendations
Coordination and Information Sharing
- Coordination
- Information Sharing Techniques
Detailed Lab Outline
- Lab Introduction – Recording IPs and Logging In
- Labs on:
  - Identifying Incident Triggers
  - Drafting Incident Response Procedures
  - Identifying and Planning for Dependencies
  - Testing Plans and Feedback Loops
  - Drafting General Security Policies
  - Practicing Different Attack Vectors
  - Deploying and Using GRR
  - Creating Request Tracker Workflow
  - Lessons Learned and Documentation
  - Creating Incident Handling Checklists
  - Drafting Incident Response Recommendations
  - Sharing Agreements and Reporting
$3500.00 | 4 Days Course