Security monitoring and incident response
bez PDV-a
Trenutno nemamo zakazane termine
Cena bez PDV-a 120 000 din
Ciljevi
This two-day technical course covers basic theoretical and practical aspects of security monitoring, analysis and incident response in modern organizations. Students will learn basics of security monitoring and analysis of network traffic, servers and endpoints and different operating systems and applications and get familiar with basic steps of incident response. The training is intended to give students fundamental skills necessary to effectively work in the capacity of L1 SOC operators of junior incident response teams (CSIRT) analysts.
Trajanje
2 dana (8h/day)
Training format
This two-day technical course covers basic theoretical and practical aspects of security monitoring, analysis and incident response in modern organizations. Students will learn basics of security monitoring and analysis of network traffic, servers and endpoints and different operating systems and applications and get familiar with basic steps of incident response. The training is intended to give students fundamental skills necessary to effectively work in the capacity of L1 SOC operators of junior incident response teams (CSIRT) analysts.
Target audience:
- L1 SOC operators
- Junior CSIRT analysts
- IT administrators
- Other IT specialists with interest in the area of security incident response
Zahtevi
- User-level experience with Linux
- User-level experience with Windows
- Experience with programming/scripting
- Working knowledge of computer networking principles (e.g. routing, switching, etc.)
- Familiarity with most common networking protocols (TCP, UDP, IP, ICMP, DNS, HTTP, ARP, DHCP, etc.)
- Familiarity with common security technologies (IDS/IPS, antivirus, etc.)
Sadržaj
Basic theory
- Relevant best practices documentation, standards and regulatory requirements (ISO 27 035, NIST SP 800-61, SIM3,...)
- Security incident classification and taxonomies
- Processes and documentation for security operations - plans, procedures and playbooks
- Incident response community in Europe and beyond
- Tools of the trade (IDS/IPS, log management solutions, AV/EPP/EDR, vulnerability management, etc.)
- Indicators of Compromise (IoCs) and where to get them
- Log analysis and validation of indicators
- Basics of network traffic analysis
- Capturing network traffic
- Use of NetFlow/IPFIX and analysis of resulting data
- IDS/IPS signatures and how to create them
- Basic e-mail analysis
- Introductory malware analysis
- Common malware types Basic tools for malware analysis and how to use them YARA rules and how to create them Basics of vulnerability management
Hvala na interesovanju.
Potrudićemo se da odgovorimo na Vaš zahtev u najkraćem mogućem roku i organizujemo termin.
Hvala na interesovanju.
Odgovorićemo na Vaš zahtev u najkraćem mogućem roku.
Hvala na interesovanju.
Potrudićemo se da odgovorimo na Vaš zahtev u najkraćem mogućem roku i organizujemo termin.
Trening sale
ALEF Trening centri u Adriatic regiji imaju na raspolaganju po jednu trening salu kapaciteta 12 mesta.
Svaka učionica je opremljena sa projektorom i tablom, internet konekcijom i računarom predavača. Kao radna stanica studentima služe personalni računari sa pristupom Cisco opremi. Praktična obuka omogućava studentima da steknu veštine potrebne za konfiguraciju opreme.
CZ
ALEF Trening centar ima na raspolaganju pet trening sali. Tri učionice su nazvane po kontinentima – Australija koja ima kapacitet 8 mesta, Afrika i Evropa imaju svaka po 12 mesta – kapacitet se dopunjava pomoću učionice sa opremom (12 mesta) i pomoću centra za kompetenciju (18 mesta).
SK
ALEF ima na raspolaganju 4 trening sale. Imenovane su po gradovima sveta. Sidnej ima kapacitet 16 mesta, Roterdam i Hamburg imaju 12 mesta svaka dok New York ima 8 mesta
HU
ALEF Trening centar ima 3 trening sale. Imenovane su po gradovima zemalja u kojim ALEF posluje. Prag ima kapacitet 12 mesta, Bratislava i Budimpešta imaju 8 mesta svaka.
Beograd
Prag
Bratislava
Budimpešta
Tim predavača
Raspolažemo sa timom od preko 50 predavača, nudimo kompletan spektar tehnološkog znanja za ruting i switching, za bezbednost i saradnju između centara podataka. Stručnost instruktora dokazuje niz međunarodnih sertifikata najvišeg nivoa.
Jedinstvenost naših predavača sastoji se uglavnom u njihovom bogatom iskustvu u pojedinim projektima, i ovako su u stanju da vrlo fleksibilno reaguju na predloge polaznika kursa ili kod odgovaranja na postavljena pitanja, isto kao i kod prenošenje svojih praktičnih znanja polaznicima. Zahvaljujući pouzdanom radu kompanije i dugogodišnjem iskustvu, vrlo smo fleksibilni u reagovanju na projekte koji se pripremaju na stručnom području Cisco-a, i na osnovu toga možemo Vam garantovati širok spektar sertifikovanih kurseva koji će vama i vašim kolegama omogućiti da steknete potrebno stručno znanje za buduće testove sertifikacije.
