Incident Response Management

Get course
stm_lms_placeholder

JC: Incident Response Management

This one-day course, designed for computer security incident response team (CSIRT) and security operations center (SOC) technical personnel with several months of incident handling experience, addresses techniques for detecting and responding to current and emerging computer security threats and attacks.

This course provides guidance that incident handlers can use in responding to complex threats and attacks, including persistent threats. Through interactive instruction, facilitated discussions, instructors help participants identify and then propose appropriate response strategies.

Participants also review more advanced types of activities related to incident handling such as threat hunting; artifact and malware analysis; vulnerability handling; and publishing and communicating information.

COURSE CONTENT

IT Risk Identification
IT Risk Assessment
Risk Response and Mitigation
Risk & Control Monitoring and Reporting

Course Name:
JC: Certified CSRM or JC:CSRM 

Course Code:
JCS091CSRM30EX

Duration: 4 days
Language: English

 

Who should attend?

  • Cyber Security Officers
  • Cyber Security Managers
  • IT Risk Managers
  • Auditors
  • Cyber Systems Owners
  • Cyber Security Control Assessors
  • Cyber System Managers
  • Government Sectors
  • CISO/BISO/TISO

Format:

  • Instructor-led classroom
  • Live Virtual Training

Prerequisites:

  • 5 years experience in at least 2 modules or
  • 4 years in Cyber Security    Management

Student Materials:

  • Student e-Workbook 

Certification Exams:

  • JC:CSRM – Certified Cyber Systems Risk Manager
  • Covers CRISC® exam    objective

UPON COMPLETION

Upon completion, JC: Incident Response Management candidates will be prepared to pass the CCSRM exam. In addition, the candidate will be competent to implement risk management best practices and Federal standards. Students will enjoy an in-depth course that is continuously updated to maintain and incorporate the ever-changing security and risk environment.

 

EXAM INFORMATION

The Incident Response Management exam is taken online through JC-Shield’s Assessment and Certification System (“JCACS”), which is accessible on your JC-Shield account. The exam will take 3 hours and consist of 150 multiple choice questions. The cost is $350 USD and must be purchased from JC-Shield account.

What you will learn

1
Incident Response Capability
20 Minut
2
Incident Response Policy, Plan & Procedure Creation
3
Incident Response Team Structure
4
Incident Response Team Services
5
Recommendations
6
Handling an Incident (IM Life Cycle)

Section 2

1
Preparation
2
Preventing Incidents
3
Detection and Analysis
4
Attack Vectors
5
Signs of an Incident
6
Sources of Precursors and Indicators
7
Incident Analysis
8
Incident Documentation
9
Issue Tracking – Must Have following…
10
Incident Prioritization
5 Minut
11
Incident Priority
5 Minut

Section 3

1
Incident Severity Level
2
Team Responsibility
3
Incident Management Communication Plan
4
Incident Notification
5
Containment, Eradication, and Recovery
6
Choosing a Containment Strategy
7
Evidence Gathering and Handling

Section 4

1
Identifying the Attacking Hosts
2
Eradication and Recovery
3
Post-Incident Activity
4
Lessons Learned (All ‘W’ and ‘H’)
5
Using Collected Incident Data
6
Evidence Retention
7
Incident Handling Checklist
8
Recommendations

Section 5

1
Coordination and Information Sharing
2
Coordination
3
Coordination Relationships
4
Sharing Agreements and Reporting Requirements

Section 6

1
Sharing Information with …?
2
Information Sharing Techniques
3
Granular Information Sharing
4
The key Recommendations
5
Creating a Computer Security Incident Response Team

Thank You

1
Thank You!!!

EXAM INFORMATION

The Incident Response Management exam is taken online through JC-Shield’s Assessment and Certification System (“JCACS”), which is accessible on your JC-Shield account. The exam will take 3 hours and consist of 150 multiple choice questions. The cost is $350 USD and must be purchased from JC-Shield account.

Online Course Fee: $ 1450.00

JCACS Fee: · $ 350.00

Be the first to add a review.

Please, login to leave a review