Cyber Security Incident Response Certified Cyber Threat Hunter (CCTH)
Provided by 7safe
About the course
Book your training three months in advance of the course start date and get a 20% discount, as reflected in the pricing above
This is a specialist-level course for those security professionals involved in network security, security operations, incident response or penetration testing looking to develop in their role or wishing to enhance their proactive skills in detecting and mitigating threats.
You will learn and practice the skills and understanding needed to conduct a thorough threat hunt within a live enterprise environment.
How will I benefit?
This course will give you:
- The skills to undertake your own threat hunts and develop your methodologies
- The ability to understand and correlate separate artefacts into larger patterns to better identify potential threats
For more information about this course, please see below
What will I learn?
- You will learn and practice the skills and understanding needed to conduct a thorough threat hunt within a live enterprise environment
- How to effectively conduct and automate data collection from remote locations using built-in and third-party tools so that vital clues and potential threats will not be missed
- How to correlate and analyse data to successfully identify active and passive threats already existing within a network
Who should attend?
- Experienced cyber security professionals
- Senior Security Operations Centre Analysts
- Incident responders
- Penetration testers
WHO SHOULD ATTEND?
- Experienced cyber security professionals, senior SOC analysts, incident responders and penetration testers looking to enhance their skillsets to understand how to look for and collect artefacts pertaining to an attack or data breach.
PREREQUISITES
This is an advanced course. Delegates wishing to attend should have a good working knowledge of PowerShell, including WMI and command line tools. A good working knowledge of attack techniques, networking and malware investigations, including network and forensic investigations, is also a prerequisite for attending this course.
WHAT QUALIFICATION WILL I RECEIVE?
Upon successful completion of the practical exam, you will be awarded the Certified Cyber Threat Hunter qualification.
Syllabus
Throughout the course, your time will be split between learning the methods and principles required to conduct a successful threat hunt within an enterprise environment and applying these in practical, hands-on exercises based on real-life scenarios.
Topics covered will include:
1. Applicable law and standards
a. Relevant legislation
b. ISO Standards
c. Competency
2. Theory & models
a. What is Threat Hunting?
b. Hunting principles
c. Relevant frameworks
d. Threat types
3. Computer networks & environments
a. Network infrastructure
b. Network nodes
4. Practical considerations
a. Security monitoring
b. Operating System-based
c. File System-based
d. Network-based
5. Information gathering & data collection
a. Scoping
b. Existing information
c. Scripting and automation
d. Tools & techniques
e. Data collection
6. Interpretation and analysis
a. Data aggregation & normalisation
b. Interpretation
c. Analysis
7. Threat hunting exercises
a. Three 1-day labs
b. Realistic threat hunting scenarios
c. In-depth learning of relevant attacker tactics, threats and procedures
8. Practical final exercise and exam based on the methods and techniques learned throughout the course