Intrusion Detection and Incident Response

Provided by

Enquire about this course

About the course

The Intrusion detection & Incident Response three day course is designed for security practitioners responsible for responding to security incidents, security triage, security detection, response and remediation

Prerequisites
Network Security Foundation and Security Fundamentals are essential prerequisites for this course.

Delegates will learn how to
Introduction to Incident Response
Introduction to Incident Investigation
Investigation Techniques
Incident Investigation Preparation
Detection & Reporting
Triage & Analysis
Essential Incident Forensics
Incident Containment
Post Incident Response
Outline
Module 1 Introduction to Incident Response

Security incident response principles
Understand the commercial impact of a security incident
Incident response plans
Computer incident response team (CIRT)
Module 2 Introduction to Incident Investigation

Incident investigation techniques
Security responders – key skills
First responder people vs process
Business continuity trade offs
Module 3 Investigation Techniques

Detection & reporting
Triage & analysis
Containment
Post incident response
Module 4 Incident Investigation Preparation

Policies
Communication standards
Open source & threat intelligence
Proactive response measures
Module 5 Detection & Reporting

Detect techniques
Deter techniques
Defend techniques
Reporting
Module 6 Triage & Analysis

Security assessment techniques
Network security assessments
Network security analysis
Evidential impact of a security assessment
Module 7 Essential Incident Forensics

Chain of custody
Legal principles and responsibilities
Forensic artefacts
Forensic analysis
Module 8 Incident Containment

Describe the purpose of incident containment
Challenges of incident containment
Supply chain security
Testing containment solutions

Module 9 Post Incident Response

Internal communications
External communications
Reporting requirements

Enquire

Start date Location / delivery
16 Sep 2019 Birmingham Book now
16 Sep 2019 Distance learning Book now
07 Oct 2019 London Book now
07 Oct 2019 Distance learning Book now
13 Jan 2020 birmingham Book now
13 Jan 2020 Distance learning Book now
10 Feb 2020 London Book now
10 Feb 2020 Distance learning Book now

Related article

(ISC)² - Celebrating 30 Years of Cybersecurity Excellence with 30% off Online Instructor-Led Training For three decades, (ISC)² has been at the for...