Advanced Topics in Incident Handling

Heinz College


Disclaimer

Coursalytics is an independent platform to find, compare, and book executive courses. Coursalytics is not endorsed by, sponsored by, or otherwise affiliated with any business school or university.


Who should attend

Current computer security incident response team (CSIRT) and security operations center (SOC) technical staff with six or more months of incident handling experience.

About the course

This four-day course, designed for computer security incident response team (CSIRT) and security operations center (SOC) technical personnel with several months of incident handling experience, addresses techniques for detecting and responding to current and emerging computer security threats and attacks.

Building on the methods and tools discussed in the Foundations of Incident Management course, this course provides guidance that incident handlers can use in responding to complex threats and attacks, including persistent threats. Through interactive instruction, facilitated discussions, and group exercises, instructors help participants identify and analyze a set of events and then propose appropriate response strategies.

Participants work as a team throughout the week to handle a series of escalating incidents that are presented as part of an ongoing scenario. Work includes team analysis of information and presentation of findings and response strategies. Participants also review more advanced types of activities related to incident handling such as threat hunting; artifact and malware analysis; vulnerability handling; and publishing and communicating information.

This CERT incident handling course, which builds further expertise in incident handling and related practices and functions, can be used to prepare for the CERT-Certified Incident Handler Certification. Before registering for this course, participants are encouraged to attend the companion course, Foundations of Incident Management.

Objectives

This course will help participants to

  • detect and characterize various attack types
  • develop a strategy for analyzing and responding to complex or major events and incidents within your organization
  • comprehend various methods for analyzing artifacts left on a compromised system and issues involved with such analysis
  • develop and execute cyber threat hunting goals
  • obtain practical experience in the coordination of vulnerability handling tasks
  • formulate and deliver effective publications and communications such as advisories, alerts, after-action reports and management briefings

Topics

  • incident handling lifecycle review
  • data loss prevention techniques
  • advanced persistent threats
  • artifact and malware analysis categories and techniques overview
  • fundamental causes of vulnerabilities
  • vulnerability handling overview
  • analyzing and coordinating response to major computer security events and incidents
  • developing and delivering effective communications

Schedule

This four-day course meets at the following times:

Days 1-4, 8:30 a.m.-4:30 p.m.

Advanced Topics in Incident Handling at Heinz College

This course has no confirmed dates in the future.

