This course is designed to provide the fundamental skills to manage and respond to security incidents in an information system. The course addresses various underlying principles and to detect and respond to security threats current and emerging techniques. Students will learn how to handle various types of incidents, risk assessment methodologies and the various laws and in relation to the incident management policies. After attending the course will be able to create incident management and response policies and deal with the different types of computer security incidents.
The training program Incident Management will make students competent in handling and response to various security incidents as incidents of network security, malware incidents and threats insider attack. In addition, students will learn about their role in the management and incident response. The course also covers incident response teams, training methods incident management and recovery techniques incident in detail. Certified professionals provide greater industry acceptance as incidents experienced administrator.
This course will benefit significantly incident managers, administrators, risk assessment, penetration testing, audit evaluation vulnerability, system administrators, systems engineers, firewall administrators, network administrators, IT managers, professionals iT and anyone who is interested in incident handling and response.
Introduction to Incident Management:Current state of cybersecurity. Risks and threats.
Nature and purpose of incident management.
Main processes involving incident management.
Code of Conduct.
Information criticizesIdentification of critical information.
Nature of the incident.
Objective of the incident.
Establishing timeline of the incident.
Detection and reporting of incidentsProcess detection and reporting of incidents.
Policies and procedures.
Final Activity - Role playImplementation of knowledge and procedures.
Identification of possible errors.
Impact of the human factor.
Length: Classroom training 2 days 6 hours per day.
Target:System and network administrators.
Technical staff from incident response teams (CERT / CSIRT).
Responsible for TI security.
Technical staff and monitoring equipment.