Cyber Security Incident Responder (CSIR)
Book online today or, if you need help choosing the right course or would like to discuss business discounts, call us on 0113 220 7150.
From £3,250 + VAT
Sorry, there are currently no dates available to book. Submit an enquiry to hear from one of our team about when dates might become available.
Overview
This specialist-level course is for professionals who are looking to develop and improve their knowledge or ability in the Cyber Security Incident Response (CSIR) field. Ths course follows the CREST incident response model and focuses on the knowledge required to effectively respond to a cyber incident.
Key Benefits:-
This course will enable you to:
- Learn the knowledge required to undertake incident response activities
- Gain confidence to identify and capture live Operating System artefacts
Upon successful completion of the exam, you will be awarded the Certified Cyber Security Incident Response (CSIR) qualification.
The course will also provide underpinning knowledge required to undertake the CREST CRIA certification.
Who Should Attend
Cyber security professionals or digital forensic investigators who want to extend their knowledge and skills in the CSIR field.
Prerequisites
You will need some experience or a good understanding of:-
- The CSIR process
- Windows Operating Systems
- Command line interface
- Computer networks
- Forensic investigations
- Malware investigations
Delegates will learn how to
The Skills You Will Learn:-
- You will learn the knowledge required to respond to a cyber incident
- You will practice all the fundamental skills needed to be an effective member of a CSIR team
Outline
SYLLABUS
The course syllabus follows the CREST CRIA knowledge requirement. A sample of course content includes:
- Engagement Lifecycle Management
- Benefits of Incident Response & preparation
- Incident Response engagements, procedures & processes
- Threat Assessment
- Understand threat assessments and attacker motivation
- Law & Compliance
- Knowledge of pertinent legislation & regulatory requirements
- Windows Operating System
- Windows NT architecture
- Registry & start-up locations
- Removable storage
- Account types & access Control
- Executed files and associated processes
- Networking
- Understanding network architectures
- IP routing
- Windows domain
- IEEE 802.11
- Traffic capture
- Cryptography
- Encryption types
- Hashing
- Encryption Protocols
- Common Data Formats
- Understand common data formats
- Storage Media
- Storage media types
- RAID basics
- NTFS File System
- File structures
- ACL’s and SID’s
- File carving
- Open Source Investigations
- Whois records
- Search engines
- Social media
- Other online resources
- Host Based Acquisition
- File & Data Extraction
- Memory Extraction
- Malware & Investigations
- Understanding web based attacks
- Infection vectors, rootkits & hiding techniques
- Live malware analysis
- Traffic capture and unusual protocol behaviour
- Reporting requirements
Why choose QA
- Award-winning training, top NPS scores
- Nearly 300,000 learners in 2020
- Our training experts are industry leaders
- Read more about QA
Cyber Security learning paths
Want to boost your career in cyber security? Click on the roles below to see QA's learning pathways, specially designed to give you the skills to succeed.