Cyber Security Incident Response Certified Cyber Threat Hunter (CCTH)

Provided by

Enquire about this course

About the course

Cyber Security Incident Response Certified Cyber Threat Hunter (CCTH)

This is a specialist-level course for those security professionals involved in ​network security, security operations, incident response or penetration testing looking to develop in their role or wishing to enhance their proactive skills in detecting and mitigating threats.

You will learn and practice the skills and understanding needed to conduct a thorough threat hunt within a live enterprise environment.

​​

How will I benefit?
This course will give you:

  • The skills to undertake your own threat hunts and develop your methodologies
  • The ability to understand and correlate separate artefacts into larger patterns to better identify potential threats

For more information about this course, please see below


What will I learn?

  • You will learn and practice the skills and understanding needed to conduct a thorough threat hunt within a live enterprise environment
  • How to effectively conduct and automate data collection from remote locations using built-in and third party tools so that vital clues and potential threats will not be missed
  • How to correlate and analyse data to successfully identify active and passive threats already existing within a network

 

Who should attend?

  • Experienced cyber security professionals
  • Senior Security Operations Centre Analysts 
  • Incident responders
  • Penetration testers​


WHAT WILL I LEARN?
You will learn and practice the skills and understanding needed to conduct a thorough threat hunt within a live enterprise environment

UPON COMPLETION OF THE COURSE YOU WILL HAVE LEARNT

  • How to effectively conduct and automate data collection from remote locations using built-in and third-party tools so that vital clues and potential threats will not be missed
  • How to correlate and analyse data to successfully identify active and passive threats already existing within a network

HOW WILL I BENEFIT?
This course will give you:

  • The skills to undertake your own threat hunts and develop your methodologies
  • The ability to understand and correlate separate artefacts into larger patterns to better identify potential threats

WHO SHOULD ATTEND?

  • Experienced cyber security professionals, senior SOC analysts, incident responders and penetration testers looking to enhance their skillsets to understand how to look for and collect artefacts pertaining to an attack or data breach.

PREREQUISITES
This is an advanced course. Delegates wishing to attend should have a good working knowledge of PowerShell including WMI and command line
tools. A good working knowledge of attack techniques, networking, malware investigations, including network and forensic investigations are also prerequisites for attending this course.

WHAT QUALIFICATION
WILL I RECEIVE?

Upon successful completion of the practical exam, you will be awarded
the Certified Cyber Threat Hunter qualification

Syllabus

Throughout the course, your time will be split between learning the methods and principals required to conduct a successful threat hunt within an enterprise environment and applying these in practical, hands-on exercises based on real-life scenarios.
Topics covered will include:
1. Applicable law and standards
a. Relevant legislation
b. ISO Standards
c. Competency

2. Theory & models
a. What is Threat Hunting?
b. Hunting principals
c. Relevant frameworks
d. Threat types

3. Computer networks
& environments
a. Network infrastructure
b. Network nodes

4. Practical considerations
a. Security monitoring
b. Operating System-based
c. File System-based
d. Network-based

5. Information gathering
& data collection
a. Scoping
b. Existing information
c. Scripting and automation
d. Tools & techniques
e. Data collection

6. Interpretation and analysis
a. Data aggregation &
normalisation
b. Interpretation
c. Analysis

7. Threat hunting exercises
a. Three 1 day labs
b. Realistic threat hunting scenarios
c. In-depth learning of relevant
attacker tactics, threats and
procedures

8. Practical final exercise and
exam based on the methods and
techniques learned throughout
the course

 

 

Enquire

Start date Location / delivery
24 Feb 2020 Cambridge
15 Jun 2020 Cambridge
12 Oct 2020 Cambridge

Related article

Cyber security training is falling short, one expert has warned. A global expert in cyber security has warned that the dearth of talent in the indu...