Detailed course content
Course Introduction
- Module 01: Incident Handling Explained Section 1: Introduction Section 2: What is an Incident? Section 3: What is Incident Handling? Section 4: Difference Between IH and IR Section 5: The Incident Response Process Section 6: Seven Reasons You Must Put Together an Incident Response Plan Section 7: How to Build an Effective Incident Response Team Section 8: Considerations for Creating an Incident Response Team Section 9: Tips for Incident Response Team Members
- Module 02: Incident Response Policy, Plan and Procedure Creation Section 1: Introduction Section 2: Incident Response Policy Section 3: Incident Response Plan Section 4: Incident Response Procedures Section 5: Sharing Information with Outside Parties
- Module 03: Incident Response Team Structure Section 1: Introduction Section 2: Team Models Section 3: Team Model Selection Section 4: Incident Response Personnel Section 5: Dependencies within Organizations
- Module 04: Incident Response Team Services Section 1: Introduction Section 2: Intrusion Detection Section 3: Advisory Distribution Section 4: Education and Awareness Section 5: Information Sharing
- Module 05: Incident Response Recommendations Section 1: Introduction Section 2: Establish a formal Incident Response Capability Section 3: Establish Information Sharing Capabilities Section 4: Building an Incident Response Team
- Module 06: Preparation Section 1: Introduction Section 2: Threat Hunting Section 3: Threat Analysis Frameworks Section 4: Tools and Toolkits Section 5: Policy Section 6: Procedures Section 7: Preventing Incidents
- Module 07: Detection and Analysis Section 1: Attack Vectors Section 2: Signs of an Incident Section 3: Sources of Precursors and Indicators Section 4: Incident Analysis Section 5: Incident Documentation Section 6: Incident Prioritization Section 7: Incident Notification
- Module 08: Containment, Eradication and Recovery Section 1: Selecting the Right Containment Strategy Section 2: Gathering and Handling Evidence Section 3: Identifying the Attacking Hosts Section 4: Eradication and Recovery
- Module 09: Post Incident Activity Section 1: Introduction Section 2: Lessons Learned Section 3: Using Collected Incident Data Section 4: Evidence Retention
- Module 10: Incident Handling Checklist Section 1: Introduction Section 2: Building Checklists
- Module 11: Incident Handling Recommendations Section 1: Introduction Section 2: Recommendations Section 3: Implement Threat Intel
- Module 12: Coordination and Information Sharing Section 1: Introduction Section 2: Coordination Section 3: Purple Teaming Section 4: Information Sharing Techniques Section 5: Granular Information Sharing Section 6: Sharing Recommendations