For registration please reach out to us by email to: ish@munich-airport.de
CSR102 - CDC Incident Handling Level 2
Technical Detection, Analysis & Response
ISH certificate "Security Incident Analyst - Level 2"
Delivery: classroom // Duration: 5 days
Incident analysts and threat responders have a challenging time understanding complex, multi-level attacks and APT adversary intrusions without pre-built indicators of compromise or threat intelligence gathered before a breach. One of the best ways to enhance capabilities is to test personal readiness in advanced attack scenarios at a hyper-realistic Cyber Simulation Range. This course sets the stage for level-1-finishers to handle more complex cyber-attack scenarios, defending IT landscapes as well as IoT and OT/production environments.
Learning Objectives
By the end of this course, participants will be able to:
- Understand emerging challenges and possible solutions in the field of IT & OT security
- Utilize advanced CDC tools to filter out the signal within the noise of security alerts
- Efficiently detect, assess and determine complex, multi-level and targeted attacks
- Respond efficiently to critical security incidents in situations of stress
- Work in a team of security analysts, incident responders and forensic experts
Course Content
- Advanced Cyber Defense Center
  - Next generation security tools for larger cyber defense centers
  - Monitoring of security-related events in IT, IoT and OT environments
  - Orchestration and information enrichment of security-relevant events
  - Automation of routine tasks in order to free time to focus on important tasks
  - Deception and denial of attackers in real time
  - Gathering, enrichment and sharing of IoCs using TI
- Extended Cyber Simulation Range
  - Familiarize with the setup of a hyper-realistic advanced CSR infrastructure
  - Understand the need for advanced CDC tools and actively use the technology
  - Understand the specifics of industrial & production environments
  - Stay efficient and avoid mistakes even in situations of stress
- Practical training sessions in IT and OT environments
  - Understand the adversary's kill chain, tactics and techniques
  - Search for indicators of compromise (IoC) in logs, flows, protocols, executables
  - Identify reconnaissance, lateral movement, compromise, critical function calls, post-exploitation
  - Scope single and multiple path attacks with increasing complexity
  - Find active and dormant malware, bots and backdoors
  - Discover common hiding & evasion techniques
  - Actively defend an industrial production site against targeted attacks
  - Collect evidence of persistence and apply forensic post mortem offline analysis
Target Audience
- ISH-certified “SECURITY INCIDENT ANALYST - LEVEL 1” analysts who regularly respond to complex security incidents/intrusions from APT groups/advanced adversaries and need to know how to detect, investigate, remediate, and recover from compromised systems across IT and OT environments
- Threat hunters who are seeking to understand threats more fully and who want to learn from incidents in order to more effectively hunt threats and respond to future threats
- Information security professionals who may encounter critical data breach incidents and targeted intrusions over a longer period of time
Pre-requisite for Course Registration
This course focuses on detection, analysis and threat hunting of targeted and advanced persistent threats against IT and OT environments. Attending CSR101 first is mandatory.
- MUST: ISH certificate: "CYBER SECURITY ANALYST - LEVEL 1"
- NICE TO HAVE: Hacking basics (Metasploit, Mimikatz, Kali, WebApp hacking etc.)
Upcoming Sessions
Dates | Location | Language | Registration fee (plus VAT) |
---|---|---|---|