Phase2 Advantage Cybersecurity and Certifications

$150 Donation Made to Veterans for Every Self-Study Course Enrollment

Phase2 Advantage and Veteran Service Organization Boots to Books have entered into a partnership in which Phase2 will donate $150 to support veterans and the military affiliate community for every student that enrolls in one of its self-study cybersecurity certification courses.

Boots to Books President, Peter Cline, who is an Army veteran said, “Phase2 Advantage is the perfect partner. The organization’s shared values and passions for innovation and supporting our veteran community were apparent from day one. With their support, more veterans will get free educational support and be placed at the nation’s best companies, completely free to them.”  READ MORE …

Certified Incident Investigations and Response Specialist

Self-Study Online Training

Incident Investigations and Response

As organizations continue to rely on expanding infrastructure in an increasingly hostile threat landscape, the escalation of incidents involving malicious actors poses critical risks to information systems and networks. The ability to identify threats, respond to incidents, restore systems, and enhance security postures is vital to the survival of the operation. 

The Incident Investigations and Response Specialist course brings Incident Response core competencies to advanced levels by presenting students with 14 detailed chapters designed to align with academic calendars.

Students will be provided with the knowledge and the practical skills needed to investigate and respond to network and system incidents. With a specific focus on the identification and remediation of incidents involving host and network devices, students will cover topics such as The Incident Response Life Cycle, Indicators of Compromise, Investigative Techniques, Threat Intelligence Collection, and Remediation Strategies. The content of this textbook is aligned for use with immersive cybersecurity labs produced by Jones & Bartlett Learning, Pearson Education, and Cengage.

COURSE DATE

February 01, 2022

STUDENT SUPPORT

Yes (via email)

COURSE ACCESS

24 / 7

COURSE FEE

$1,200

COURSE DURATION

16 Weeks*

Registration for this course closes on January 24, 2022*This course is self-paced and can be completed any time within 16 weeks.

Course Training Materials

Course Textbook (US Students)

Textbook via Amazon (Non-US Students)

Course Lab Exercises

Practice Assessment Quizzes

40-Hour CPE Credit Certificate

Knowledge Assessment Examination

Phase2 Advantage has partnered with Savannah Technical College to offer several self-study cybersecurity courses for individuals who are not able to attend classroom-based certification programs. This format allows students to learn at their own pace, in a comfortable environment, and receive a 60% discount off classroom-based courses.  Enrolled students will have access to the Savannah Technical College Learning Management System for their course.

NICE Cybersecurity Workforce Framework

The Certified Incident Incestigations and Response Specialist course is a component of the career progression track that supports the required Categories, Specialty Areas and Work Roles as defined by the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework.  It provides a common language to speak about cyber roles and jobs and can be referenced to define professional requirements in cybersecurity.

Course Outline and Knowledge Points

  • What Constitutes an Incident?
  • Technology as a Landscape for Crime
  • The Incident Response Life Cycle
  • What is Incident Response?
  • 7 Stages of the Attack Life Cycle
  • 10 Steps to Help Reduce Incidents
  • Cyber Adversaries vs. Cyber Defenders
  • Nation State vs. Non-Nation State Actors
  • Components of the Threat Landscape
  • Legal Challenges in Digital Investigations
  • Challenges to Cyber Crime Investigations
  • International Enforcement Challenges
  • Defining the Incident Response Mission
  • Internal Communication Procedures
  • External Communication Procedures
  • Incident Response Team Deliverables
  • Building a Field Forensic System
  • Preparing the Infrastructure
  • Collecting Initial Facts
  • Incident, Network, and Malware Checklists
  • Building an Attack Timeline
  • Incident Scene Management
  • Elements of Proof and Chain of Custody
  • Investigative Interview Strategies
  • Vulnerability Program Essentials
  • Prioritizing Vulnerability and Risk
  • Rating Vulnerability Levels
  • Analyzing a Vulnerability Notification
  • Establishing an Efficient Workflow
  • Vulnerability Scanning Software
  • Baseline Measuring Objectives
  • Identifying Usage Patterns
  • Network Sensor Deployment
  • Statistical Monitoring
  • Header and Full Packet Logging
  • Network Monitoring Evaluation
  • Potential Signs of Compromise
  • The Need for Network Monitoring
  • Turning Leads into Indicators
  • The Life Cycle of Indicator Generation
  • Indicator of Compromise Verification
  • Event-Based Alert Monitoring
  • Understanding the Maneuver Warfare Mindset
  • The Threat Intelligence Cycle
  • Intelligence Collection
  • Analysis and Production
  • Dissemination of Intelligence
  • Threat Intelligence Sources
  • Network Forensics vs. Digital Forensics
  • General Process for Performing Analysis
  • Available Data Sources
  • Outlining the Analysis Approach
  • Selection of Analysis Methods
  • Evaluating Analysis Results
  • Responsibilities of The First Responder
  • The Host Device Power State
  • The Windows Directory Structure
  • Locating Endpoint Data
  • The Windows Registry
  • The Importance of IoT Devices
  • When to Perform a Live Response
  • Live Response Challenges
  • Selecting a Live Response Tool
  • Data Collection Considerations
  • Common Live Response Data
  • Collection Best Practices
  • Malware Triage Concepts
  • Malware Handling Procedures
  • Malware Distribution and Documentation
  • Accessing Malicious Websites
  • Introduction to Static and Dynamic Analysis
  • Automated Analysis: Sandboxes
  • Effective Incident Remediation
  • Assigning a Remediation Owner
  • Remediation Posturing Actions
  • Eradication Plan Development
  • Plan Timing and Execution
  • Developing Strategic Recommendations
  • Report Style and Formatting
  • Report Content and Organization
  • Documenting Lessons Learned
  • Response Playbook Components
  • Building a Response Playbook
  • Planning Table-Top and Simulated Exercises

Contact Us to Learn More

To find out more about Cybersecurity Courses and our full range of available client services, contact us today via the phone number or email address listed below.

OFFICE:
(912) 335-2217

EMAIL:
michael.kaplan@phase2advantage.com