Our GCIH boot camp helps you fully understand how systems are compromised and what traces are left behind by attackers on the network, on disk and in volatile memory. Security incidents are a way of life in the modern world, and how organizations respond to them makes a massive difference in how much damage is ultimately done.
In this five-day course, you learn how cutting-edge attack vectors and tried-and-true methods are used for compromise, the ins and outs of incident response, and the tools of the trade used by incident responders on a daily basis. You will leave with the knowledge of how to prevent incidents and the skills to defend against a security incident if it does happen.
The course focuses on the 5 key incident response stages:
- Planning – Preparing the right process, people and technology enables organizations to effectively respond to security incidents
- Identification – Scoping the extent of the incident and determining which networks and systems have been compromised and to what degree
- Containment – Preventing the incident from escalating further, using information gathered in the identification stage
- Eradication – Removing intruder access to internal and external company resources
- Recovery and lessons learned – Restoring fully operational system capability and closing out the incident through proper reporting and lessons-learned meetings