0345 4506120

Incident Response Cyber Security Incident Response (CSIR)

This specialist-level course is for technical professionals who are looking to develop or improve their knowledge or ability in the Cyber Security Incident Response (CSIR) field.

 

This five-day course follows the CREST incident response model and focuses on the knowledge and key skills required to effectively respond to a cyber incident. You will spend a good proportion of the course practising and honing your CSIR skills and methodologies utilising virtualised environments which replicate real-life scenarios and the unique challenges face dby CSIR consultants.

Target Audience:

This is an intensive training course designed for CSIR practitioners and cyber security practitioners involved in the discipline or forensic practitioners who wish to extend their knowledge and skills in this unique
field. These include:Cyber security incident response team members
System/network administrators/engineers IT security personnel/security officers Forensic practitioner Law enforcement officers & agents

Reset

Learning Objectives

This course will enable you to learn new methodologies for responding to CSIR events and practice both core and advanced techniques.

You will also gain confidence and improve your CSIR skills for when responding to a cyber event.

Pre-Requisites

You will need an understanding or experience of:

The CSIR process Forensic investigations Windows operating system CLI We strongly recommend completion of the7Safe CFIP and CMI courses or similar as a minimum before attending this course.

Course Content

You will learn and practice core level and advanced CSIR skills needed to effectively respond to a cyber breach together with methods to identify and examine relevant artefacts of interest. Upon completion of the course you will have learnt: Advanced use of PowerShell and exploitation of WMI.
Writing of bespoke PowerShell scripts and parsers Identification of suspect processes Advanced detection and analysis of injected processes Identification and analysis of infected documents (MS Office e & PDF) Infection vector analysis Rebuilding network traffic Breakdown and examination of log files

Exams & Certification

 

Privacy Notice

In order to provide you with the service requested we will need to retain and use your contact information in accordance with our Privacy Notice. If you choose to provide us with this information you explicitly consent to us using the information as necessary to provide the request service to you. If you do not agree please do not proceed to request the service from us.

Marketing Permissions

Would you like to receive our newsletter and other information on products and services which we think will be of interest to you by email. We will always treat your information with care and in accordance with our Privacy Notice. You are free to withdraw this permission at any time.

 

Our Customers Include