Cybersecurity Expert

The Cybersecurity Expert course is designed to provide a comprehensive understanding of the advanced concepts and practical skills required to start a career in cybersecurity. This program is ideal for individuals aspiring to become senior cybersecurity experts, cybersecurity leads or managers, equipping them with the knowledge and hands-on experience required to deploy advanced technologies such as SIEM, Data Loss Prevention and Endpoint Detection & Response, and to handle security incidents in a network.


Key Topics:

  • SIEM deployment & integration
  • Endpoint Detection & Response
  • Data Loss Prevention
  • Incident handling

The course will cover:

Module 1: Security Information and Event Management (SIEM)

  • What is SIEM
  • Functions of SIEM
  • SIEM architecture
  • Different SIEM applications
  • Installation of SIEM solution
  • Integration of SIEM solution with existing network resources
  • Collecting and analysing event logs
  • Fine tuning and alert generation
  • Creating and assigning alert tickets

Module 2: Endpoint Detection and Response (EDR)

  • What is EDR
  • Installation of EDR
  • Deployment of EDR
  • Analysing EDR alerts

Module 3: Data Loss Prevention (DLP)

  • What is DLP
  • Installation of DLP
  • Deployment of DLP
  • Analysing DLP alerts

Module 4: Incident Response

  • What is incident response
  • Incident response policy
    • What is incident response policy
    • Elements of incident response policy
    • Different types of incident response teams
    • Role of incident response manager
    • What the incident response team does
  • Incident Handling
    • What is incident handling
    • CIRC team
    • The REACT principle
    • Maintaining integrity of scene following an incident
  • Legal aspects of Incident Response
    • Legal considerations of incident response
    • Expectation of privacy
    • Personally Identifiable Information (PII)
    • Giving notice to individuals
    • Benefits of information sharing
  • Forensics of incident response
    • Forensics in support of an incident response
    • Phases of investigation
    • Capturing of data
    • Volatile data considerations
    • Volatile memory capture
    • Imaging concepts
    • Forensic acquisition of data from PC
    • Obtaining BitLocker keys
    • Analysis of forensic data
  • Insider threat
    • What is insider threat
    • Indicators to identify an insider threat
    • Automated processes to look for indicators of insider threats
    • Policies and procedures
    • Policy enforcement
  • Malware
  • Malware incidents
  • Malware analysis
  • Incident Recovery

Live Classroom


This course is only available in live classroom mode through our partners. Kindly contact us at: info@us-council.com for more details.


Certification is available for this course.

Get this course from our authorized training partner.