Syllabus CSTP

04

Incident Management and Response (IR)

Introduction to Incident Response:

Triad of the Security Operations Center: People, Process and Technology. Introduction to the Incident Response Plan. How to handle a security incident based on the six key phases of an Incident Response Plan. The importance of Incident Response and who is responsible for Incident Response. SOC duties and training needs.


Introduction to SIEM:

Focus on Technology building block. SIEM & Security Components. Defense in Depth methodology. SIM & SEM. Log Management System. Why is SIEM Necessary? 8 Critical Features of SIEM. Deployment Options & Implementation.


Malware Analysis:

Introduction to practical malware analysis. Malware functionality and analysis techniques (static vs. dynamic). The goals of malware analysis. Types of malware and malware behavior. Live demo of dynamic analysis tools. Creating a safe analysis environment.


Cyber Forensics:

Introduction to practical digital forensics. Definition and principles. What a forensic investigation is and what it is not. Scope of the investigation and the investigation goals. The forensic lab and tools. Live demo of forensic tools and tactics. X-File: challenge.


Cyber Threat Intelligence:

Introduction to Cyber Threat Intelligence. What threat intelligence is and does. Types of threat intelligence. Managing and implementing threat intelligence in a Security Operations Center. Open Source Intelligence tools. Live demo of OSINT techniques.

