In this advanced workshop, participants are immersed in a simulated CIRC environment where they assume different roles and manage the security events that take place over the course of a three-day scenario.
Day-to-day security incidents will occur alongside potentially catastrophic activity related to the advanced tactics of determined and persistent adversaries. Each member of the CIRC team will have to use skills and tools to detect, contain and eradicate the threat, as well as document the incidents for executive review. There is virtually no lecture associated with this workshop; participants learn by doing. This is the perfect opportunity for members of security teams to sharpen their skills related to the newest attacks in a controlled environment assisted by experts. The workshop provides valuable insights for determining the specific skillsets and tools that an organization needs in order to mitigate these most advanced types of attacks against corporate assets.
Security analysts, computer forensic investigators, and incident responders who have had exposure to malware analysis and want to know more about the tools and techniques associated with gathering and responding to actionable intelligence while acting as a member of a critical incident response team.
Participation in the RSA Incident Handling & Response course or commensurate experience. Some exposure to malware analysis, incident response, and risk/compliance is beneficial. Participants should have some security operations experience. Some experience with RSA Security Analytics would be helpful.
Upon successful completion of this course, participants should be able to:
• Outline the mission, structure, and operation of a Critical Incident Response Center
• Distinguish among incoming incidents and prioritize them appropriately in a triage setting
• Apply the skill set of a security analyst or incident responder to resolving a critical security incident in a team environment
• Analyze malware within a CIRC environment
• Manage a simulated CIRC environment and resources
• Evaluate internal and external intelligence
• Prepare a communications plan for internal and external recipients
• Decide which information to share within the team environment
• Break the Cyber Kill Chain based on analysis performed in the CIRC
• Operate common CIRC tools
Because this workshop will be completely scenario based, a formal course outline is not applicable. Throughout this workshop, participants will engage in:
• Malware Analysis
• Network Analysis
• Network Forensics
• Threat Intelligence
• Incident Triage
• Executive Presentation
• Security Operations
• Team Management
• Legal, Regulations, & Investigations
• Open Source and Commercial Tools
The vendor's authorized training center, Arrow ECS Finland Oy, is responsible for running this course. The course will be held at Stella Business Park in Espoo.
Training card prices or other pricing contracts are not applicable for this course. The course will be held in cooperation with ArrowECS.