Management Training

Security Incident Response

Master the art of security incident management with hands-on simulations and real-world scenarios

2 Days
16 Hours
6 Modules
3 Simulations

Overview

Course Objectives
  • Develop and implement effective incident response plans based on recognized frameworks
  • Coordinate response teams during security crises with clear and efficient communication
  • Perform digital forensic analysis and proper evidence preservation for investigation
  • Implement containment, eradication, and recovery strategies for compromised systems
  • Manage communication with internal and external stakeholders during security incidents

Target Audience
  • IT and Security Managers
  • SOC (Security Operations Center) Analysts
  • System and Network Administrators
  • Compliance and Risk Officers
  • Incident Response Teams (CSIRT)
  • Cybersecurity Consultants

Teaching Methodology
We combine solid theory with intensive practical simulations

NIST Framework

Internationally recognized methodology for incident response

Realistic Simulations

Scenarios based on real incidents with time pressure and critical decisions

Teamwork

Effective coordination and communication during crisis situations

Prerequisites
  • Basic knowledge of IT security and networks
  • Experience in system administration (Windows/Linux)
  • Familiarity with cybersecurity concepts
  • Understanding of network protocols (TCP/IP, DNS, HTTP)

Course Modules

Module 1: Incident Response Planning
2.5 hours
  • NIST Incident Response Lifecycle Framework
  • Incident Classification and Prioritization
  • Roles and Responsibilities Definition
  • Communication and Escalation Protocols
  • Playbook Development
  • Business Continuity Integration

Module 2: Detection and Analysis
3 hours
  • Incident Detection Methods
  • Log Analysis and Event Correlation
  • Indicators of Compromise (IoCs)
  • Impact and Severity Assessment
  • SIEM and EDR Tools
  • Threat Intelligence Integration

Module 3: Containment and Isolation
2.5 hours
  • Short-term Containment Strategies
  • Long-term Containment
  • Compromised System Isolation
  • Digital Evidence Preservation
  • Network Segmentation
  • Backup and Recovery Planning

Module 4: Eradication and Recovery
3 hours
  • Root Cause Analysis
  • Malware and Backdoor Removal
  • System Hardening and Patching
  • Recovery Planning
  • Clean System Validation
  • Normal Operations Restoration

Module 5: Digital Forensic Analysis
3 hours
  • Digital Forensics Principles
  • Chain of Custody
  • Evidence Acquisition
  • Memory and Disk Analysis
  • Timeline Analysis
  • Forensic Tools (Autopsy, Volatility)

Module 6: Post-Incident Activities
2 hours
  • Lessons Learned Sessions
  • Documentation and Reporting
  • Continuous Process Improvement
  • Legal and Regulatory Considerations
  • Stakeholder Communication
  • Playbook Updates

Practical Exercises
Intensive simulations based on real security incident scenarios

Ransomware Attack Simulation

3 hours
High

Manage a ransomware attack across multiple systems with critical data encryption and ransom demands

Objectives:
  • Rapid attack detection
  • Containment of propagation
  • Evidence preservation
  • Stakeholder coordination
High-intensity exercise with time pressure

Data Breach Response

2.5 hours
Medium-High

Respond to a data breach with sensitive information exposure and GDPR regulatory implications

Objectives:
  • Impact assessment
  • Authority notification
  • Affected party communication
  • Corrective measures implementation
High-intensity exercise with time pressure

APT Detection and Response

3.5 hours
Very High

Identify and respond to an Advanced Persistent Threat with prolonged presence in corporate network

Objectives:
  • Complex IoC analysis
  • Lateral movement mapping
  • Complete eradication
  • Post-incident hardening
High-intensity exercise with time pressure

Certification

Incident Response Certificate

Official recognition of acquired incident management competencies

Benefits:

Verifiable digital certificate
Professional recognition
Access to alumni community
Lifetime reference materials

Certification Requirements
  1. Active participation in all theoretical modules
  2. Successful completion of all practical simulations
  3. Pass final practical exercise with minimum 70% grade
  4. Development of an incident response plan

Investment
Complete training with certification included
€2,000
per participant

What's included:

16 hours of intensive training
Complete training materials
Access to practical labs
Completion certificate
Coffee breaks and lunches
Post-training support (30 days)

Available Discounts
  • Groups (3+ people): 10%
  • Groups (5+ people): 15%
  • In-company: Contact for details

Interested in this Training?

Contact us for more information or to schedule a session

Get Started

Request Training Information

Ready to improve your team's cybersecurity skills? Contact us for customized training solutions.

Contact Information

Phone

+351 XXX XXX XXX

Location

Porto, Portugal

Training Options

  • In-person training
  • Remote training
  • Hybrid sessions
  • Customized programs

Training Request Form

By submitting this form, you agree to our Privacy Policy and Terms of Service. We will respond within 24 hours.

Ready to Lead Incident Response?

Join our intensive program and become an expert in security crisis management