Certifications

As organizations continue to rely on expanding infrastructure in an increasingly hostile threat landscape, the escalation of incidents involving malicious actors poses critical risks to information systems and networks. The ability to identify threats, respond to incidents, restore systems, and enhance security postures is vital to the survival of the operation.

This training course brings Incident Response core competencies to advanced levels by presenting students with 16 detailed learning objectives. Students will be provided with the knowledge and the practical skills needed to investigate and respond to network and system incidents. With a specific focus on the identification and remediation of incidents involving host and network devices, students will cover topics such as Threat Intelligence Collection, Investigative Techniques, Creating Playbooks, and Malware Triage. Lab exercises utilize the Project Ares Cyber Range and Wireshark network protocol analyzer software.

The Certified Cyber Incident Response Manager course is a component of the career progression track that supports the required Categories, Specialty Areas and Work Roles as defined by the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. It provides a common language to speak about cyber roles and jobs and can be referenced to define professional requirements in cybersecurity.

• INFORMATION SYSTEMS SECURITY MANAGER(OV-MGT-002)
• CYBER CRIME INVESTIGATOR(IN-INC-001)
• VULNERABILITY ASSESSMENT ANALYST(PR-VAM-001)
• EXPLOITATION ANALYST(AN-EXP-001)
• CYBER DEFENSE INCIDENT RESPONDER(PR-CIR-001)
• THREAT/WARNING ANALYST(AN-TWA-001)

• Overview of The Incident Response Life Cycle
• Understanding the Threat Landscape
• Building an Effective Incident Response Capability
• Preparing for Incident Response Investigations
• Vulnerability Assessment and Management
• Identifying Network and System Baselines
• Indicators of Compromise and Threat Identification
• Investigative Principles and Lead Development
• Threat Intelligence Collection and Analysis
• Overview of Data Forensics and Analysis
• Host-Based Data Collection Practices
• Network-Based Data Collection Practices
• Static and Dynamic Malware Triage
• Incident Reporting and Lessons Learned
• Creating Playbooks and Response Scenarios

• Exam Prep Guide
• Course Workbook & Labs
• Lab Images (if Applicable)
• Practice Assessment Quizzes
• 40-Hour CPE Credit Certificate
• Knowledge Assessment Examination

Upon completion of online courses, students will be prepared to sit for the knowledge assessment exam. The online examination will consist of True/False, Multiple Choice, and Fill in the Blank questions. The exam may be taken at any time within 3 months of completing the certification course.

Students will have two hours to complete a computer-based examination consisting of 100 questions. A score of 70% or higher is required to earn the certification. Upon successful completion of the exam, students will be sent a hardcopy of their certification and their CPE credit documentation via email (PDF format) within 72-hours of the exam date.

The examination is “closed book.” However, students will be allowed to use their notes on material presented during the course as well as their Course Workbooks.

Project Ares Video