Maxtrain.com - info@maxtrain.com - 513-322-8888 - 866-595-6863
Certified Incident Handler Engineer
Description
Certified Incident Handler Engineer C)IHE Course Introduction
Welcome to the Certified Incident Handler Engineer C)IHE course, a specialized program designed to equip you with advanced skills in managing and mitigating cybersecurity incidents. This comprehensive course is ideal for a wide range of IT professionals, including Penetration Testers, Security and Network Administrators, as well as individuals aspiring to establish themselves in cybersecurity.
Whether you are a Microsoft or Active Directory Administrator looking to broaden your security expertise, or you’re passionate about strengthening your defense mechanisms against cyber threats, this course offers the essential knowledge and hands-on experience you need.
Throughout this course, you will engage in an intensive learning journey, covering a broad spectrum of critical security topics. You will gain practical experience in conducting thorough reconnaissance, executing comprehensive vulnerability assessments using tools like Nessus, and mastering network sniffing techniques.
The curriculum also delves into advanced areas such as web application exploitation, detailed malware analysis, and the strategic use of Netcat for security purposes. You will be exposed to real-world scenarios in both Windows and Linux environments, ensuring a well-rounded understanding of incident handling across different systems.
Our labs provide over 20 hours of immersive, hands-on exercises, designed to develop your competencies in identifying, responding to, and recovering from cybersecurity incidents.
By the end of this course, you will not only have enhanced your technical abilities but also positioned yourself as a proficient and capable incident handler, ready to tackle the complex challenges in the ever-evolving landscape of cybersecurity.
Course Highlights:
- Accredited by the NSA’s CNSS 4011-4016.
- Approved by Homeland Security NICCS training schedule.
- Included on the FBI’s preferred cybersecurity certification requirements.
- Aligned with the Department of Defense 8140 Initiative.
- The CIHE exam consists of 100 multiple-choice questions and takes approximately 2 hours.
- Minimum passing grade of 70% for certification.
Prerequisites
- 12 months network technologies
- Sound knowledge of networking and TCP/IP
- Linux knowledge is essential.
Audience
- Penetration Testers
- Microsoft Administrators
- Security Administrators
- Active Directory Administrators
- Anyone looking to learn more about security
Certified Incident Handler Engineer Outline:
Incident Handling Explained
- What is an incident?
- What is Incident Handling?
- Difference between Incident Handling and Incident Response
- The Incident Response Process
- Reasons for an Incident Response Plan
- Building an Effective Incident Response Team
Incident Response Policy, Plan, and Procedure Creation
- Incident Response Policy
- Incident Response Plan
- Incident Response Procedures
- Sharing Information with Outside Parties
Incident Response Team Structure
- Team Models
- Team Model Selection
- Incident Response Personnel
- Dependencies within Organizations
Incident Response Team Services
- Intrusion Detection
- Advisory Distribution
- Education and Awareness
- Information Sharing
Incident Response Recommendations
- Establishing a Formal Incident Response Capability
- Establishing Information Sharing Capabilities
- Building an Incident Response Team
Preparation
- Tools and Toolkits
- Policy
- Procedures
- Preventing Incidents
Detection and Analysis
- Attack Vectors
- Signs of an Incident
- Sources of Precursors and Indicators
- Incident Analysis
- Incident Documentation
- Incident Prioritization
- Incident Notification
Containment, Eradication, and Recovery
- Containment Strategy
- Gathering and Handling Evidence
- Identifying Attacking Hosts
- Eradication and Recovery
GRR Rapid Response
- Introduction to GRR
- Installing GRR Server
- Deploying GRR Clients
- Investigating with GRR
Request Tracker for Incident Response
- Introduction to Request Tracker
- Using Request Tracker for Incident Response
Post-Incident Activity
- Lessons Learned
- Using Collected Incident Data
- Evidence Retention
Incident Handling Checklist
- Building Checklists
Incident Handling Recommendation
- Recommendations
Coordination and Information Sharing
- Coordination
- Information Sharing Techniques
Detailed Lab Outline
- Lab Introduction – Recording IPs and Logging In
- Labs on Identifying Incident Triggers, Drafting Incident Response Procedures, Identifying and Planning for Dependencies, Testing Plans and Feedback Loops, Drafting General Security Policies, Practicing Different Attack Vectors, Deploying and Using GRR, Creating Request Tracker Workflow, Lessons Learned and Documentation, Creating Incident Handling Checklists, Drafting Incident Response Recommendations, and Sharing Agreements and Reporting.
$3500.00 | 4-Day Course