Incident Handler

The threat of cybercrime is the new reality and major concern for enterprises worldwide. Unfortunately, most organizations, don’t have a proactive approach to information security. Alarmingly, 76% of organizations globally do not have an Incident Response plan, making it difficult for them to reliably identify, contain and recover from a cyber-attack. An incident response plan prepares enterprises for both known and unknown threats.

Star Incident Handler Expert is a comprehensive certification training program designed to help learners acquire skills required to manage enterprise security incidents by understanding common attack techniques, vectors and tools, while avoiding common errors; thus, increasing both the effectiveness and efficiency of their incident response efforts.

The program introduces the learners to various incidents related to computer/information security, detailing all the aspects of incident handling from proper incident response management, to risk assessment and mitigation, to the techniques, policies and laws, further, to creating a proper incident response and recovery system for future. The purpose of SIHE is to help the learners master the skills they need to establish a successful career as an Incident Handler.

Audience

• Intermediate

Course Objectives

In this course, you will learn about:

• How to prepare secure incident response system and understand the threats associated with such systems
• How to implement incident response system to prepare its defence against attacks
• Creating recovery plan based on the past attacks and threats
• Various network security incidents and malicious code incidents
• Internal threats and how to manage them

Course Outcome

After competing this course, you will be able to:

• Explain incident response in an enterprise environment
• Develop an incident response plan and a response team
• List the policies and laws related to incident handling
• Manage the computer security related incidents and prepare for future risk mitigation, from malicious code attacks and threats associated
• Help organizations built their own Incident Management Systems
• Design a recovery plan and manage internal threats

Table Of Contents Outline

• Exploring Incident Response System and Risk Analysis
• Exploring Incident Handling Policies and Law
• Exploring Incident Response Handling and Creating an Incident Response Team
• Creating Incident Recovering Planning Documents
• Use of Forensic Analysis in Incident Response
• Identifying and Controlling Network Security Incidents
• Identifying and Controlling Malicious Code Incidents
• Managing Internal Threats

Labs

• Lab 1 - How to implement GNU Privacy Guard (GnuPG)?
• Lab 2 - How to perform Network Traffic Monitoring and Auditing using Ntopng and Nessus Home
• Lab 3 - How to perform Network Traffic Monitoring and Auditing using Wireshark?
• Lab 4 - How to perform Network Auditing using Snort
• Lab 5 - How to Protect Network using iptables?
• Lab 6 - How to perform Employee Monitoring by Spytech SpyAgent?
• Lab 7 - How to Perform Forensic Analysis on Linux using Various Commands?
• Lab 8 - How to use Sysinternals Suite to perform Forensic Analysis?