
Intrusion Detection and Incident Response

The Intrusion Detection & Incident Response three-day course is designed for security practitioners responsible for responding to security incidents, security triage, security detection, response and remediation.

Learning Objectives

  •   Introduction to Incident Response
  •   Introduction to Incident Investigation
  •   Investigation Techniques
  •   Incident Investigation Preparation
  •   Detection & Reporting
  •   Triage & Analysis
  •   Essential Incident Forensics
  •   Incident Containment
  •   Post Incident Response


Network Security Foundation and Security Fundamentals are essential prerequisites for this course.

Course Content

Module 1 Introduction to Incident Response

  •   Security incident response principles
  •   Understand the commercial impact of a security incident
  •   Incident response plans
  •   Computer incident response team (CIRT)

Module 2 Introduction to Incident Investigation

  •   Incident investigation techniques
  •   Security responders – key skills
  •   First responder people vs process
  •   Business continuity trade-offs

Module 3 Investigation Techniques

  •   Detection & reporting
  •   Triage & analysis
  •   Containment
  •   Post incident response

Module 4 Incident Investigation Preparation

  •   Policies
  •   Communication standards
  •   Open source & threat intelligence
  •   Proactive response measures

Module 5 Detection & Reporting

  •   Detect techniques
  •   Deter techniques
  •   Defend techniques
  •   Reporting

Module 6 Triage & Analysis

  •   Security assessment techniques
  •   Network security assessments
  •   Network security analysis
  •   Evidential impact of a security assessment

Module 7 Essential Incident Forensics

  •   Chain of custody
  •   Legal principles and responsibilities
  •   Forensic artefacts
  •   Forensic analysis

Module 8 Incident Containment

  •   Describe the purpose of incident containment
  •   Challenges of incident containment
  •   Supply chain security
  •   Testing containment solutions

Module 9 Post Incident Response

  •   Internal communications
  •   External communications
  •   Reporting requirements
  •   Reporting forensic findings
