Average Rating: 0.00/10
(# Rating Votes: 0 | Rate This Course | Contribute a Review )
Short Description:
Fundamentals of Incident Handling is a five-day course designed for computer security incident response team (CSIRT) technical personnel with little or no incident handling experience.
Full Description:
Course Description
Fundamentals of Incident Handling is a five-day course designed for computer security incident response team (CSIRT) technical personnel with little or no incident handling experience.
This course is designed to provide insight into the type and nature of work that an incident handler may be expected to perform. It will provide an overview of the incident handling arena, including CSIRT services, intruder threats, and the nature of incident response activities. The goals of the course are to help you
understand how to gather the information required to handle an incident
realize the importance of having and following pre-defined CSIRT policies and procedures
understand the technical issues relating to commonly reported attack types
perform analysis and response tasks for various sample incidents
apply critical thinking skills in responding to incidents
identify problems and pitfalls to avoid in CSIRT work
Led by CERTŪ Coordination Center (CERT/CC) staff members, this course will help you to
understand the technical, communication and coordination issues involved in providing a CSIRT service
provide effective, reliable, and consistent CSIRT services
learn the basics of incident handling
Audience · Prerequisites · Objectives · Instructors · Logistics
AUDIENCE
prospective computer security incident response team (CSIRT) technical staff
new CSIRT technical staff (those having one to three months on the job)
experienced CSIRT staff who would like to improve their skills through formal training
PREREQUISITES
familiarity with Internet services and protocols
some experience with system administration for Windows NT or UNIX systems
some familiarity with computer security incident handling activities recommended but not required
TOPICS
CSIRT environment
CSIRT code of conduct
security tools for system administration
overview of probes, scans, and common intruder attacks
identifying and gathering critical information
overview of DNS
handling the CSIRT hotline
recording, tracking, and categorizing information
analyzing incident reports
finding contact information
coordinating response
working with law enforcement
using PGP
Trojan horses, back doors, and sniffers
handling various common attacks such as e-mail, spoofing or spamming, denial of service, and malicious code
The course incorporates interactive instruction, practical exercises, and role playing. Attendees have the opportunity to participate in CSIRT hotline call scenarios and to respond to sample incidents that they might face on a day-to-day basis.
OBJECTIVES
Successful completion of this course will enable participants to
understand the technical, communication and coordination issues involved in providing a CSIRT service
provide effective, reliable, and consistent CSIRT services
learn the basics of incident handling
LOGISTICS
Class Schedule
Fundamentals of Incident Handling is a five day course. The daily schedule is from 9:00 a.m. to 5:00 p.m.
Availability
Fundamentals of Incident Handling is offered at the SEI in Pittsburgh, PA and Arlington, VA.
For More Information
CERT Coordination Center Web site: http://www.cert.org
For more information about public courses and on-site training, contact
Duration:
5 Days
Price:
$2500
Submitted by: admin
Hits: 0
SEI's Fundamentals of Incident Handling Course Web Page
|
