SECURITY INCIDENT HANDLING FOR SOC-ANALYSTS – LEVEL 2 [CSR102]
ISH CERTIFICATE “SECURITY INCIDENT ANALYST – LEVEL 2”
DELIVERY: CLASSROOM // DURATION: 5 DAYS
Incident analysts and threat responders have a challenging time understanding complex, multi-level attacks and APT adversary intrusions without pre-built indicators of compromise or threat intelligence gathered before a breach. One of the best ways to enhance capabilities is to test personal readiness in advanced attack scenarios at a hyper-realisitic Cyber Simulation Range. This course sets the stage for security analysts to handle more complex cyber-attack scenarios defending both IT landscapes and OT / production environments.
|01.04. – 05.04.19||Munich Airport||German||€ 4.900,- €|
|01.07. – 05.07.19||Munich Airport||English||€ 4.900,- €|
|11.11. – 15.11.19||Munich Airport||German||€ 4.900,- €|
- By the end of this course, students will be able to:
- Utilize integrated tools of a SOC Technology Stack
- Efficiently detect, assess and determine the scope of incidents
- Detect and respond to complex, multi-level attacks in stressful situations
- Track lateral movement and trace attackers transitioned from system to system
- Work in a high performing team of analysts, responders and forensic experts
- SOC analysts who regularly respond to complex security incidents/intrusions from APT groups/advanced adversaries and need to know how to detect, investigate, remediate, and recover from compromised systems across an enterprise.
- Threat Hunters who are seeking to understand threats more fully and how to learn from them in order to more effectively hunt threats and respond.
- Information Security Professionals who may encounter data breach incidents and intrusions.
- The Cyber Simulation Range
- Understanding the simulated IT / OT infrastructure
- Introduction to communication, documentation, process management
- Understanding the SOC technology stack and tool-base
- Instruction and assignment of the roles in the SOC
- Practical Training Sessions in IT / OT environments Detecting the initial attack vectors and lateral spread
- Analyze and evaluate vulnerabilities and exploit techniques
- Determine the possible extent of damage
- Applying forensic methods to provide evidence
- Combat attacks and restore compromised systems
- Defend IT / OT infrastructures against situationspecific live attacks
- React, coordinate, communicate in simulated Cyber War Games
PRE-REQUISITE FOR COURSE REGISTRATION
CSR102 is an incident analytics and threat hunting course that focuses on detection and analysis and response of advanced persistent threats against IT and OT environments. It’s highly recommended to attend CSR101 first.