SIHE

EXAM CODES S09-009

About Incident

Incident Handler

The threat of cybercrime is the new reality and major concern for enterprises worldwide. Unfortunately, most organizations, don’t have a proactive approach to information security. Alarmingly, 76% of organizations globally do not have an Incident Response plan, making it difficult for them to reliably identify, contain and recover from a cyber-attack. An incident response plan prepares enterprises for both known and unknown threats.

Star Incident Handler Expert is a comprehensive certification training program designed to help learners acquire skills required to manage enterprise security incidents by understanding common attack techniques, vectors and tools, while avoiding common errors; thus, increasing both the effectiveness and efficiency of their incident response efforts.

The program introduces the learners to various incidents related to computer/information security, detailing all the aspects of incident handling from proper incident response management, to risk assessment and mitigation, to the techniques, policies and laws, further, to creating a proper incident response and recovery system for future. The purpose of SIHE is to help the learners master the skills they need to establish a successful career as an Incident Handler.

Audience

Intermediate

Course Objectives

In this course, you will learn about:

  • How to prepare secure incident response system and understand the threats associated with such systems
  • How to implement incident response system to prepare its defence against attacks
  • Creating recovery plan based on the past attacks and threats
  • Various network security incidents and malicious code incidents
  • Internal threats and how to manage them

Course Outcome

After completing this course, you will be able to:

  • Explain incident response in an enterprise environment
  • Develop an incident response plan and a response team
  • List the policies and laws related to incident handling
  • Manage the computer security related incidents and prepare for future risk mitigation, from malicious code attacks and threats associated
  • Help organizations built their own Incident Management Systems
  • Design a recovery plan and manage internal threats

Table Of Contents Outline

  1. Exploring Incident Response System and Risk Analysis
  2. Exploring Incident Handling Policies and Law
  3. Exploring Incident Response Handling and Creating an Incident Response Team
  4. Creating Incident Recovering Planning Documents
  5. Use of Forensic Analysis in Incident Response
  6. Identifying and Controlling Network Security Incidents
  7. Identifying and Controlling Malicious Code Incidents
  8. Managing Internal Threats

Labs

Lab 1 - How to implement GNU Privacy Guard (GnuPG)?

Lab 2 - How to perform Network Traffic Monitoring and Auditing using
                           Ntopng and Nessus Home       

Lab 3 - How to perform Network Traffic Monitoring and Auditing using Wireshark?      

Lab 4 - How to perform Network Auditing using Snort  

Lab 5 - How to Protect Network using iptables?

Lab 6 - How to perform Employee Monitoring by Spytech SpyAgent?   

Lab 7 - How to Perform Forensic Analysis on Linux using Various Commands? 

Lab 8 - How to use Sysinternals Suite to perform Forensic Analysis?     

Exam Details


Exam Codes SIHE S09-009 (Academy customers use the same codes)
Launch Date Jul 01 2017
Exam Description This course will help the attendees to learn the concepts related to the computer security incidents. With this course, you will be able to implement a proper Incident Response Management in your organisation and apply appropriate steps to address the various issues related to attacks. Also, you will learn about assessing the risk and mitigating the same by applying proper techniques, policies and laws.After completing this course, attendees will be able to implement an incident management policies and techniques, and learn to deal with different security issues. They will be able to handle malicious code attacks and mitigates the threats by preparing the reports of the attacks and perform analysis on it to create a proper incident response and recovery system for future.
Number of Questions 90
Type of Questions MULTIPLE CHOICE
Length of Test 180 Minutes
Passing Score 70%
Recommended Experience EHE (Ethical Hacking Expert), SFICH (Star Forensic investigator in Computer Hacking), risk assessments administrators, penetration testers, cyber forensic investigators, venerability auditors, system administrators, system engineers, firewall administrator, network managers, IT professional and anyone who is interested in incident handling and response.
Languages English

Star Certification Account