Certified Security Incident Responder (CSIR)

Provided by

Enquire about this course

Overview

This specialist-level course is for professionals who are looking to develop and improve their knowledge or ability in the Cyber Security Incident Response (CSIR) field. Ths course follows the CREST incident response model and focuses on the knowledge required to effectively respond to a cyber incident.

Key Benefits:-

This course will enable you to:
  • Learn the knowledge required to undertake incident response activities
  • Gain confidence to identify and capture live Operating System artefacts
Upon successful completion of the exam, you will be awarded the Certified Cyber Security Incident Response (CSIR) qualification.

The course will also provide underpinning knowledge required to undertake the CREST CRIA certification.

Who Should Attend

Cyber security professionals or digital forensic investigators who want to extend their knowledge and skills in the CSIR field.

Prerequisites

You will need some experience or a good understanding of:-
  • The CSIR process
  • Windows Operating Systems
  • Command line interface
  • Computer networks
  • Forensic investigations
  • Malware investigations
Delegates will learn how to

The Skills You Will Learn:-
  • You will learn the knowledge required to respond to a cyber incident
  • You will practice all the fundamental skills needed to be an effective member of a CSIR team
Outline

SYLLABUS

The course syllabus follows the CREST CRIA knowledge requirement. A sample of course content includes:
  • Engagement Lifecycle Management
  • Benefits of Incident Response & preparation
  • Incident Response engagements, procedures & processes
  • Threat Assessment
  • Understand threat assessments and attacker motivation
  • Law & Compliance
  • Knowledge of pertinent legislation & regulatory requirements
  • Windows Operating System
  • Windows NT architecture
  • Registry & start-up locations
  • Removable storage
  • Account types & access Control
  • Executed files and associated processes
  • Networking
  • Understanding network architectures
  • IP routing
  • Windows domain
  • IEEE 802.11
  • Traffic capture
  • Cryptography
  • Encryption types
  • Hashing
  • Encryption Protocols
  • Common Data Formats
  • Understand common data formats
  • Storage Media
  • Storage media types
  • RAID basics
  • NTFS File System
  • File structures
  • ACL;s and SID;s
  • File carving
  • Open Source Investigations
  • Whois records
  • Search engines
  • Social media
  • Other online resources
  • Host Based Acquisition
  • File & Data Extraction
  • Memory Extraction
  • Malware & Investigations
  • Understanding web based attacks
  • Infection vectors, rootkits & hiding techniques
  • Live malware analysis
  • Traffic capture and unusual protocol behaviour
  • Reporting requirements
  • Enquire

    Start date Location / delivery
    No fixed date United Kingdom Book now
    01132207150 01132207150

    Related article

    The Cyber Pulse is QA's new portal to free Cyber content, including on-demand webinars, articles written by leading experts,