Course Description

The Incident Response course equips participants with the skills and knowledge needed to respond to and manage cybersecurity incidents in an enterprise environment. It covers a comprehensive incident response framework, focusing on the preparation and detection phases. Through a combination of theory and hands-on lab exercises, participants learn how to identify and analyze security threats and keep their organization's digital infrastructure resilient and secure, even when the enterprise lacks the proper new tools and technologies for that work.

Pricing Options

Kindly choose the enrollment pricing option that suits you best. If you're enrolling as a group or need a custom plan, please contact us. We're here to help!

  • Incident Response 101

    Course Material + 40 hours of virtual lab access

    $100.00


Course Curriculum

    1. Required Files

    1. Introduction

    2. Challenges in Large Scale IR

    3. Course Lab - Diagram

    4. Course Lab - Scenario

    1. Preparation Phase

    2. PowerShell Remoting

    3. Lab #1

    4. Lab #1 - Solutions

    5. Kansa “Remote Windows investigation”

    6. Lab #2

    7. Lab #2 - Solutions

    8. Ansible “Remote Linux investigation”

    9. Lab #3

    10. Lab #3 - Solutions

    1. Detection Phase

    2. Anomaly Detection “Windows”

    3. System Information

    4. Network Information

    5. Process Information

    6. Active Sessions

    7. Tracking Logging Events

    8. Lab #4

    9. Lab #4 - Solutions

    10. Anomaly Detection “Linux”

    11. Time Zone

    12. Network Information

    13. Process Information

    14. Login Information

    15. Command History

    16. Lab #5

    17. Lab #5 - Solutions

    1. Remote Acquisition “Windows” - Kape

    2. Remote Acquisition “Windows” - CyLR

    3. Memory Dump

    4. Mount Memory Images

    5. Lab #6

    6. Lab #6 - Solutions

    7. Remote Acquisition “Linux”

    8. RAM Dump

    9. Sysmon “Establish More Visibility”

    10. Traffic Analysis

    11. Lab #7

    12. Lab #7 - Solutions

    13. Documentation Phase

About this course

  • $100.00
  • 45 lessons
  • 0 hours of video content

Learning Outcomes

After completing this course, you will be able to:

  • Understand Incident Response Frameworks

  • Prepare for Incidents

  • Detect and Analyze Threats

  • Perform Forensic Investigations

  • Document and Report Incidents

  • Utilize Incident Response Tools

  • Address Challenges in Large-Scale Incident Response

Technical Requirements

For the hands-on labs in this course, you will need:

  • Internet Connection

  • Workstation with at least 16GB RAM and 100GB Disk Space

  • Operating System (Windows or Linux)

  • VirtualBox or VMware (hypervisor)
