Certified Cyber Incident Response Manager: Exam Prep Guide (Paperback)
Certified Cyber Incident Response Manager
As organizations continue to rely on expanding infrastructure in an increasingly hostile threat landscape, the escalation of incidents involving malicious actors poses critical risks to information systems and networks. The ability to identify threats, respond to incidents, restore systems, and enhance security postures is vital to the survival of the operation.
The Certified Cyber Incident Response Manager certification course brings Incident Response core competencies to advanced levels by presenting students with 16 detailed learning objectives. Students will be provided with the knowledge and the practical skills needed to investigate and respond to network and system incidents. With a specific focus on the identification and remediation of incidents involving host and network devices, students will cover topics such as Threat Intelligence Collection, Investigative Techniques, Creating Playbooks, and Malware Triage. Practical lab exercises utilize Wireshark, a packet capturing tool used in real-world investigations.
Domain 01: Overview of The Incident Response Life Cycle
Domain 02: Understanding The Threat Landscape
Domain 03: Building an Effective Incident Response Capability
Domain 04: Preparing for Incident Response Investigations
Domain 05: Vulnerability Assessment and Management
Domain 06: Identifying Network and System Baselines
Domain 07: Indicators of Compromise and Threat Identification
Domain 08: Investigative Principles and Lead Development
Domain 09: Threat Intelligence Collection and Analysis
Domain 10: Overview of Data Forensics and Analysis
Domain 11: Host-Based Data Collection Practices
Domain 12: Network-Based Data Collection Practices
Domain 13: Static and Dynamic Malware Triage
Domain 14: Incident Containment and Remediation
Domain 15: Incident Reporting and Lessons Learned
Domain 16: Creating Playbooks and Response Scenarios.