

Certified Cyber Incident Response Manager (C-CIRM)


As organizations continue to rely on expanding infrastructure in an increasingly hostile threat landscape, the escalation of incidents involving malicious actors poses critical risks to information systems and networks. The ability to identify threats, respond to incidents, restore systems, and enhance security postures is vital to the survival of the operation.

This training course brings Incident Response core competencies to advanced levels by presenting students with 16 detailed learning objectives. Students will be provided with the knowledge and the practical skills needed to investigate and respond to network and system incidents. With a specific focus on the identification and remediation of incidents involving host and network devices, students will cover topics such as Threat Intelligence Collection, Investigative Techniques, Creating Playbooks, and Malware Triage. Lab exercises utilize the Project Ares® Cyber Range and Wireshark network protocol analyzer software.

The Certified Cyber Incident Response Manager course is a component of the career progression track that supports the required Categories, Specialty Areas and Work Roles as defined by the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. It provides a common language to speak about cyber roles and jobs and can be referenced to define professional requirements in cybersecurity.

Learning Outcomes

Upon successful completion of the training program, participants will be able to:

  • Define the characteristics of a computer security incident, list the stages of the incident response life cycle, recognize the stages of the attack life cycle, and identify methods to reduce the likelihood of security incidents.

  • Explain the components of the current threat landscape, the capabilities of nation-state and non-nation-state threat actors, threats posed by digital computer crimes, legal challenges common to digital investigations, and the legal principles of investigating and prosecuting cybercrime.

  • Prepare a security strategy using labs and industry tools to create an effective incident response capability, define the response mission, prepare for incident response investigations, list potential signs of compromise, and verify indicators of compromise (IOCs).

  • Compare the processes of performing forensic analysis, selection of analysis methods, host and network data collection practices, selection of live response tools and strategies, the location of potential data sources, and the challenges of live data acquisition from a network.

  • Propose a malware policy based on industry best practices which addresses the identification of malicious files, initial triage, handling procedures, documentation and distribution guidelines, static and dynamic analysis methods, and the use of sandboxes for automated analysis.

  • Recommend an incident response implementation that includes creating a remediation team, posturing actions, incident containment strategies, eradication plan development, plan timing and execution, developing strategic recommendations, and documenting lessons learned.

Course Outline

• Overview of the Incident Response Life Cycle

• Understanding the Threat Landscape

• Building an Effective Incident Response Capability

• Preparing for Incident Response Investigations

• Vulnerability Assessment and Management

• Identifying Network and System Baselines

• Indicators of Compromise and Threat Identification

• Investigative Principles and Lead Development

• Threat Intelligence Collection and Analysis

• Overview of Data Forensics and Analysis

• Host-Based Data Collection Practices

• Network-Based Data Collection Practices

• Static and Dynamic Malware Triage

• Incident Containment and Remediation

• Incident Reporting and Lessons Learned

• Creating Playbooks and Response Scenarios

Duration

Part-time: two days per week, 9:00 am to 1:00 pm (4 weeks)

Intake

Intakes are held monthly

Mode

Instructor-led online