Menu Close

Incident Response Specialist

Incident Response Specialist

CECyber training program for training the Cyber Incident Response Professional, which includes a preparatory course for the EXIN ISFS – Information Security Foundation (ISO 27001) certification and practical experience in the Cyberbti Range.


EXIN Information Security Foundation - ISFS (16h)*

Validates a professional’s knowledge of the concept, value and importance of information security, as well as threats and risks.

* Does not include voucher for the CompTIA certification test.

CECyber Range Experience (18h)

No Incident Response Professional | Basic, the student will be exposed to 5 real cyber attack scenarios in the Cyberbit Range. They are practical classes, ranging from 4 to 6 each. Scenarios contemplated:

  • WPAD Man-in-the-Middle;
  • DB Dump via FTP Exploit;
  • Java SendMail;
  • Ransomware;
  • WMI Worm.


Information Security Professionals, SOC Teams and Blue Teams who wish to acquire advanced and in-depth knowledge and experience in the Incident Response Process.

Level of expertise



Knowledge in Computer Networks, Communication Protocols, Operating Systems (Windows and Linux), Fundamentals of Forensic Analysis.


42 hours.


Presencial / Online.

Skills acquired

  • Processes for identifying cyber incidents;
  • Recognition of the stages of a cyber incident;
  • Process and steps for responding to a cyber incident;
  • Containment of a cyber incident;
  • Elaboration of a cyber incident response document;
  • Knowledge of the PDCERF cycle – preparation, detection, containment, eradication, recovery, and follow-up;
  • Registration and analysis of cyber incidents;
  • Analysis of malicious artifacts;
  • Vulnerability analysis;
  • Issuing alerts and warnings;
  • Prospecting or monitoring new technologies;
  • Security assessment;
  • Development of security tools;
  • Intrusion detection;
  • Dissemination of information related to security.

Organizations that implement CSIRTs benefit from the following benefits:

  • Existence of security incident response mechanisms;
  • Institution prepared for emerging threats;
  • Increase the degree of security, by developing a culture of security;
  • Creation of mechanisms aimed at preserving the institution;
  • Introduction of a critical sense in relation to the traditional view of IT.