Menu Close

Incident Response Specialist

Incident Response Specialist

CECyber training program for training the Cyber Incident Response Professional, which includes a preparatory course for the EXIN ISFS – Information Security Foundation (ISO 27001) certification and practical experience in the Cyberbti Range.

Content

EXIN Information Security Foundation - ISFS (16h)*

Validates a professional’s knowledge of the concept, value and importance of information security, as well as threats and risks.

* Does not include voucher for the CompTIA certification test.

CECyber Range Experience (18h)

No Incident Response Professional | Basic, the student will be exposed to 5 real cyber attack scenarios in the Cyberbit Range. They are practical classes, ranging from 4 to 6 each. Scenarios contemplated:

  • WPAD Man-in-the-Middle;
  • DB Dump via FTP Exploit;
  • Java SendMail;
  • Ransomware;
  • WMI Worm.

Public

Information Security Professionals, SOC Teams and Blue Teams who wish to acquire advanced and in-depth knowledge and experience in the Incident Response Process.

Level of expertise

Advanced.

Prerequisites

Knowledge in Computer Networks, Communication Protocols, Operating Systems (Windows and Linux), Fundamentals of Forensic Analysis.

Duration

42 hours.

Format

Presencial / Online.

Skills acquired

  • Processes for identifying cyber incidents;
  • Recognition of the stages of a cyber incident;
  • Process and steps for responding to a cyber incident;
  • Containment of a cyber incident;
  • Elaboration of a cyber incident response document;
  • Knowledge of the PDCERF cycle – preparation, detection, containment, eradication, recovery, and follow-up;
  • Registration and analysis of cyber incidents;
  • Analysis of malicious artifacts;
  • Vulnerability analysis;
  • Issuing alerts and warnings;
  • Prospecting or monitoring new technologies;
  • Security assessment;
  • Development of security tools;
  • Intrusion detection;
  • Dissemination of information related to security.

Organizations that implement CSIRTs benefit from the following benefits:

  • Existence of security incident response mechanisms;
  • Institution prepared for emerging threats;
  • Increase the degree of security, by developing a culture of security;
  • Creation of mechanisms aimed at preserving the institution;
  • Introduction of a critical sense in relation to the traditional view of IT.