SC190: Information Security Incident Management
Training: Security - Business Continuity
Participants receive a practical introduction to incident handling. The course covers the fundamentals of incident detection and analysis, identifying attacks in the network, as well as handling clients and servers. It addresses how to distinguish support cases caused by user errors from actual attacks and how effective response capabilities are trained through exercises.
Start: 2025-10-16 | 10:00 am
End: 2025-10-17 | 05:00 pm
Location: Online
Price: 1.400,00 € plus VAT.
Start: 2026-03-09 | 10:00 am
End: 2026-03-10 | 05:00 pm
Location: Online
Price: 1.400,00 € plus VAT.
Start: 2026-10-19 | 10:00 am
End: 2026-10-20 | 05:00 pm
Location: Online
Price: 1.400,00 € plus VAT.
Agenda:
- Module 1:
- Presentation of a multi-stage attack on an information network
- Mutual interaction of attack and defense
- Importance of the timeline for rapid incident detection
- Principles and guidelines of IR management
- Establishment of a reliable reporting chain and first response
- Module 2:
- Live demo of attacks on Windows and Linux machines
- Triage process by IT-Ops and subsequent SOC and CSIRT
- Sec-Ops Forensics 1: Tracing in Windows machines
- Sec-Ops Forensics 2: Tracing in Linux machines
- Sec-Ops Forensics 3: Tracing in OT
- Remediation of infected systems
- Module 3:
- Attacks on the network from outside and inside
- The importance of delivery and command & control servers
- Sec-Ops Forensics 4: Tracing in distributed LDAP and AD services
- Sec-Ops Forensics 5: Tracing in networks and firewalls
- Sec-Ops Forensics 3: Detecting ICMP/DNS tunnels and backdoors
- Best practices and validation of attack sources
- Module 4:
- Individual deep dive into topics from Modules 1-3
- Practical exercise: Handling security incidents
- Experience exchange
- For in-house training/closed courses conducted online, we are happy to accommodate your individual scheduling preferences. We can conduct the course over four days with 4 hours each instead of two days with 8 hours each.
Contact us!
Objectives:
Upon completion of the workshop, you will be able to identify security incidents or disruptions and initiate appropriate measures to restore operations as quickly as possible. You will gain an in-depth understanding of, in particular, how to implement and operate an Information Security Incident Management process, so that you can apply what you have learned and developed within your company.
After the course, you will be able to map a resilient and efficient incident response process from the reporting process, through isolation and identification, to remediation and documentation.
Target audience:
Those responsible for Information Security, as well as IT Operations, Incident Managers, and Process Owners.
Prerequisites:
Basic knowledge of information security, understanding of day-to-day IT operations. There is no formal assessment of entry requirements.
Description:
Most incidents start quite innocuously. A user opens a ticket, the helpdesk addresses the issue after a while. Then the technician becomes nervous, informs their manager, and they also become nervous.
Is it an attack or an error – what impacts and damages are to be expected and what measures need to be initiated now? You will learn this and more in this workshop, which is divided into 4 areas:
- Incident detection and general principles of disruption or incident intake
- Identifying attacks in the network
- Incidents with clients and servers
- You are part of a workshop where you consolidate and practice what you have learned
The majority of incidents received by IT support are due to user errors or have technical causes. In daily operations, technicians have become accustomed to working through a queue, similar to a doctor's waiting room. In this process, IT support is often also the emergency room. So how do you recognize the urgent cases? How should you react now?
Guaranteed implementation:
from 2 Attendees
Booking information
Price:
1.400,00 € plus VAT.
(including lunch & drinks)