Introduction to Incident Handling
- a) Types and Examples of Cybersecurity Incidents
- b) Signs of an Incident
- c) Incident Prioritization
- d) Incident Response and Handling Steps
- e) Procedures and Preparation
OPEN VIRTUAL CLASS
This is an international Open Virtual Class, which means you will share the learning experience in a group of IT pros from around the world! The class is taught in English by Paula Januszkiewicz, who is a world-renowned cybersecurity Expert, the founder of CQURE and CQURE Academy, and Microsoft Regional Director and MVP. Remember that this course is limited to 12 participants total to ensure the highest quality and unique learning experience! During this course you will have an opportunity to interact with the instructor and get Paula’s help with any problems you might encounter, just as if it was a regular class.
Loads of Knowledge
Forensics and Incident Handling are constantly evolving and crucial topics in the area of cybersecurity. In order to stay on top of the attackers, the knowledge of Individuals and Teams responsible for collecting digital evidences and handling the incidents has to be constantly enhanced and updated. This advanced training provides skills necessary to find, collect and preserve data in a correct manner, analyze it and get to know as much about the incident as possible. This is an intense hands-on course covering the general approach to forensics and incident handling, network forensics, important aspects of Windows internals, memory and storage analysis, detecting indicators of compromise and a proper way of reporting. The course is limited to 12 participants, so reserve your spot today!
This course is packed with unique labs exercises! To get more practice we offer three extra weeks of labs online!After the training concludes, you may practice even more and repeat to consolidate newly gained skills and knowledge.
This course is ideal for:
IT professionals, Forensics and Incident Handling Specialists, Security Consultants, Enterprise Administrators, Infrastructure Architects, Security Professionals, Systems Engineers, Network Administrators and other people responsible for implementing network and perimeter security.
Platform and Technical Requirements:
To participate in the course you need a Stable internet connection. For the best learning experience we also need you to have a webcam, headphones and a microphone. Open RDP port 3391 for the connection to the Lab environment is needed as well. We will setup a secure Zoom classroom for every day of the course – we will send you a safe link to join the conference by e-mail.
After finishing the course, you will be granted a CQURE Certificate of Completion. Please note that after completing the course you will also be eligible to claim CPE points!
Tools, software and examples used during the course:
|• Belkasoft RAM Capturer||• StuxNet Memory Dump||• Registry Explorer/RECmd||• The Sleuth Kit® (TSK)|
|• Autopsy||• DumpIt||• DC3DD||• Arsenal Image Mounter|
|• Reclaim Me||• ReFS Images||• SysInternals Toolkit||• ShadowCopyView|
|• RegRipper||• Rifiuti2||• Volatility||• FullEventLogView|
|• EVTXtract||• Loki IOC Scanner||• Yara||• LECmd|
|• LinkParser||• PECmd||• SkypeLogViewer||• SQLiteBrowser|
|• NetWork Miner||• Wireshark|
a) Introduction to Windows Internals
b) Fooling Windows Task Manager
This module covers the restrictions and important details about digital evidence gathering. Moreover, a proper structure of digital evidence report will be introduced.
Click here to browse the modules:
The course is delivered by Paula Januszkiewicz, CEO of CQURE, a world-renowned expert in the cyber security field with practical knowledge from dozens of successful projects, years of real-world experience, great teaching skills, and no mercy for misconfigurations or insecure solutions.