CSIR 350
Cyber Security & Incident Response
Cyber Security & Incident Response is a course for developing incident response skills and a cyber security profession. It is ideal for tech-oriented candidates with no IT background who would like to move into the cyber industry.
350 Hours
Cloud Environment
Instructor Led
Virtual Labs & Simulation
Cyber Security & Incident Response is a course for developing and improving incident response skills and capabilities, for students and teams with IT knowledge and background. Completing this course provides students with an introduction to Incident Response: how to respond to common security incidents, perform Malware Analysis and Digital Forensics Investigation, dive into “Insider” and Malware Threats, and enter the Threat Intelligence arena.
WHO IS IT FOR
Tech-oriented with no IT background
Tech & IT Teams
Security Teams
STEM Students (Year 3+)
Business Admin Students
GOALS
Get familiar with basic IT and its components - OS, servers, communication, networks
Understand the Incident Response plan & methodologies
Detect, Identify and contain the most common cyber security incidents
Look for suspicious activity of Malware & Malicious code on your endpoints
Analyze malware with several techniques (Static & Dynamic)
Find, collect and perform Forensics Investigation of digital evidence
Look for Cyber Threat Intelligence feeds with Online & Open-Source Tools
Requirements
Good English Level
Tech orientation – such as browsing the Internet
- Course Introductions (Administrative and Preliminaries)
- Computer Structure
- Introduction to Operating Systems
- Operating Systems – the Basics
- Microsoft Operating Systems – the Basics
- Microsoft Operating Systems – Command Line
- Microsoft Operating Systems – Windows Registry
- Install and Setup a Windows Virtual Machine
- Windows OS Troubleshooting Exercise
- Module Final Exam
- OSI Model
- Protocols, Ports & TCP IP
- Packet Tracer
- Various Networking Setups and Troubleshooting
- Network Analysis Intro
- Cloud security
- Module Final Exam
- Introduction to Windows Server
- DNS and DHCP Services
- Microsoft Active Directory
- System Configurations Management
- Module Final Exam
- Introduction to Linux
- Linux Shell Basics
- Basic System Administration
- Advanced Shell Tools (grep, sed, awk)
- Introduction to Shell Scripting (Bash)
- Introduction to Firewalls
- Firewall Architecture
- Policies, Tunnels & Security
- Module Exam
- Variables
- Loops and Conditions
- Automating OS Functionalities
- Module 6 Exam
- Historical Brief of Cybersecurity
- Defining Cybersecurity
- Cyber Security Governance and Compliance
- Cybersecurity Principles
- Module Exam
- Preliminaries to Web Applications
- Fun and Profit
- Cybersecurity Defensive Technologies
- Module Exam
- The Security Operation Center (The SOC)
- NIST SP800-60 Methodology
- MITRE ATT&CK Matrix
- Module Exam
- The Technological Building Blocks of SOCs
- Sources of Security Events – The Network
- Sources of Security Events – Desktops and Servers
- Working with Raw Data and Data Parsing
- Administration of SIEM Rules
- Data Aggregation and Events Correlation
- Conducting Triage via SIEM Resources
- Module Exam
- Introduction to CTI
- Introduction to OSINT
- CTI/OSINT Practice
- Module Exam
- Introduction to Cyber Forensics
- Handling Digital Evidence
- Common Cyber Forensics Tools
- Forensics Artifacts – Windows OS
- Forensics Artifacts – Network
- Introduction to Memory Forensics
- Practical Forensic Investigation
- Module Exam
- Malware Analysis Intro
- Static vs. Dynamic Malware Analysis
- Dynamic Malware Analysis
- Email Analysis, IOC Investigations
- Writing Investigation Report
- Practical Malware Analysis
- Module Exam
- Hands-On Marathon
Putting together all we learned into one comprehensive project.
138 Hours of hands-on activities
Total amount of practical experience during this course.