Overview

Incident handlers manage security incidents by understanding common attack techniques, vectors and tools as well as defending against and/or responding to such attacks when they occur. The GCIH certification focuses on detecting, responding, and resolving computer security incidents and covers the following security techniques:
  • The steps of the incident handling process
  • Detecting malicious applications and network activity
  • Common attack techniques that compromise hosts
  • Detecting and analyzing system and network vulnerabilities
  • Continuous process improvement by discovering the root causes of incident

Learning Outcome

You will learn:
  • How best to prepare for an eventual breach
  • The step-by-step approach used by many computer attackers
  • Proactive and reactive defenses for each stage of a computer attack
  • How to identify active attacks and compromises
  • The latest computer attack vectors and how you can stop them
  • How to properly contain attacks
  • How to ensure that attackers do not return
  • How to recover from computer attacks and restore systems for business
  • How to understand and use hacking tools and techniques
  • Strategies and tools for detecting each type of attack
  • Attacks and defenses for Windows, Unix, switches, routers, and other systems
  • Application-level vulnerabilities, attacks, and defenses
  • How to develop an incident handling process and prepare a team for battle
  • Legal issues in incident handling

Who should Attend?

  • Incident handlers
  • Leaders of incident handling teams
  • System administrators who are on the front lines defending their systems and responding to attacks
  • Other security personnel who are first responders when systems come under attack

Eligibility Criteria

  • A strong desire to understand hacker tools and techniques
  • A foundational understanding of the Windows Command Line
  • A foundational understanding of core networking concepts such as TCP/IP
  • A strong desire to understand how key defensive tactics can thwart advanced attackers
This course is endorsed under Critical Infocomm Technology Resource Programme Plus (CITREP+) Programme.
To find out more about CITREP+ Funding, please refer to Programme Support under CITREP+ page


Information is accurate as of 6 August 2019