
CIHE Web Outline

The C)IHE - Certified Incident Handling Engineer course equips professionals with the skills to effectively prevent, detect, and respond to cybersecurity incidents using hands-on training in a Cyber Range. It follows NIST’s 800-61 framework, covering all four phases of incident response, and includes various modules and labs to enhance practical knowledge. Upon completion, students will be prepared to take the C)IHE exam and maintain their certification through ongoing education and testing.

Uploaded by ahmadjuttt98
Copyright: © All Rights Reserved

The C)IHE - Certified Incident Handling Engineer course is designed to help Incident
Handlers, System Administrators, and Security Engineers understand how to plan, create, and
utilize their systems to prevent, detect, and respond to attacks through the use of Mile2’s
live hands-on Cyber Range.

Mile2’s C)IHE strictly follows NIST’s 800-61 to identify the four phases of incident response: (1)
preparation for a cybersecurity incident, (2) detection and analysis of a security incident, (3)
containment, eradication, and recovery, and (4) post-incident analysis. With C)IHE’s in-depth
certification training, the student will learn to develop start-to-finish processes for
establishing an incident-handling team, strategizing for potential attack types, recovering
from attacks, and much more.

Live Class Duration: 5 Days
CEUs: 40
Language: English

Class Formats Available:
- Instructor Led
- Self-Study
- Live Virtual Training

Suggested Prerequisites:
- 12 months network technologies
- Sound knowledge of networking and TCP/IP
- Linux knowledge is essential.

Module 01: Incident Handling Explained
Module 02: Incident Response Policy, Plan and Procedure Creation
Module 03: Incident Response Team Structure
Module 04: Incident Response Team Services
Module 05: Incident Response Recommendations
Module 06: Preparation
Module 07: Detection and Analysis
Module 08: Containment, Eradication and Recovery
Module 09: Post Incident Activity
Module 10: Incident Handling Checklist
Module 11: Incident Handling Recommendations
Module 12: Coordination and Information Sharing

Lab 01: Identifying Incident Triggers
Lab 02: Drafting Incident Response Procedures
Lab 03: Identifying and Planning for Your Dependencies
Lab 04: Testing Your Plan and Using a Feedback Loop to Future Proof Your Response
Lab 05: Drafting General Security Policies
Lab 06: Leveraging SIEM for Advanced Analytics
Lab 07: Use Velociraptor and Gather Evidence
Lab 08: Creating Request Tracker Workflow
Lab 09: Lessons Learned and Documentation
Lab 10: Creating an Incident Handling Checklist
Lab 11: Drafting Incident Response Recommendations for Improvements
Lab 12: Sharing Agreements and Reporting Requirements

[Link] 10213 Wilsky Blvd, Tampa, FL 33625 813-920-6779
vs. 922021
Upon completion, Certified Incident Handling Engineer students will know NIST’s 800-61
four incident handling phases, be able to accurately report on their findings, and be
ready to sit for the C)IHE exam.

* Penetration Testers
* Microsoft Administrator
* Security Administrators
* Active Directory Administrators
* Anyone looking to learn more about security.

The Certified Incident Handling Engineer exam is taken online through Mile2’s Learning
Management System and is accessible on your [Link] account. The exam will take
approximately 2 hours and consist of 100 multiple choice questions.

A minimum grade of 70% is required for certification.

All Mile2 certifications will be awarded a 3-year expiration date. There are two
requirements to maintain Mile2 certification:
1) Pass the most current version of the exam for your respective existing certification.
2) Earn and submit 20 CEUs per year in your Mile2 account.

Question: Do I have to purchase a course to buy a certification exam?
Answer: No

Question: Do all Mile2 courses map to a role-based career path?
Answer: Yes. You can find the career path and other courses associated with it at [Link].

Question: Are all courses available as self-study courses?
Answer: Yes.

Question: Are Mile2 courses transferable/shareable?
Answer: No. The course materials, videos, and exams are not meant to be shared or
transferred.

Detailed Outline
Module 00: Course Introduction

Module 01: Incident Handling Explained


Section 1: Introduction
Section 2: What is an Incident?
Section 3: What is Incident Handling?
Section 4: Difference Between IH and IR
Section 5: The Incident Response Process
Section 6: Seven Reasons You Must Put Together an Incident Response Plan
Section 7: How to Build an Effective Incident Response Team
Section 8: Considerations for Creating an Incident Response Team
Section 9: Tips for Incident Response Team Members

Module 02: Incident Response Policy, Plan and Procedure Creation


Section 1: Introduction
Section 2: Incident Response Policy
Section 3: Incident Response Plan
Section 4: Incident Response Procedures
Section 5: Sharing Information with Outside Parties

Module 03: Incident Response Team Structure


Section 1: Introduction
Section 2: Team Models
Section 3: Team Model Selection
Section 4: Incident Response Personnel
Section 5: Dependencies within Organizations

Module 04: Incident Response Team Services


Section 1: Introduction
Section 2: Intrusion Detection
Section 3: Advisory Distribution
Section 4: Education and Awareness
Section 5: Information Sharing

Module 05: Incident Response Recommendations


Section 1: Introduction
Section 2: Establish a formal Incident Response Capability
Section 3: Establish Information Sharing Capabilities
Section 4: Building an Incident Response Team

Chapter 06: Preparation


Section 1: Introduction
Section 2: Threat Hunting
Section 3: Threat Analysis Frameworks
Section 4: Tools and Toolkits
Section 5: Policy
Section 6: Procedures
Section 7: Preventing Incidents

Module 07: Detection and Analysis


Section 1: Attack Vectors
Section 2: Signs of an Incident
Section 3: Sources of Precursors and Indicators
Section 4: Incident Analysis
Section 5: Incident Documentation
Section 6: Incident Prioritization
Section 7: Incident Notification

Module 08: Containment, Eradication and Recovery


Section 1: Selecting the Right Containment Strategy
Section 2: Gathering and Handling Evidence
Section 3: Identifying the Attacking Hosts
Section 4: Eradication and Recovery

Module 09: Post Incident Activity


Section 1: Introduction
Section 2: Lessons Learned
Section 3: Using Collected Incident Data
Section 4: Evidence Retention

Module 10: Incident Handling Checklist


Section 1: Introduction
Section 2: Building Checklists

Module 11: Incident Handling Recommendations


Section 1: Introduction
Section 2: Recommendations
Section 3: Implement Threat Intel

Module 12: Coordination and Information Sharing


Section 1: Introduction
Section 2: Coordination
Section 3: Purple Teaming
Section 4: Information Sharing Techniques
Section 5: Granular Information Sharing
Section 6: Sharing Recommendations
