As organizations continue to rely on expanding infrastructure in an increasingly hostile threat landscape, the escalation of incidents involving malicious actors poses critical risks to information systems and networks. The ability to identify threats, respond to incidents, restore systems, and enhance security postures is vital to the survival of the operation.
This training course brings Incident Response core competencies to advanced levels by presenting students with 16 detailed learning objectives. Students will be provided with the knowledge and the practical skills needed to investigate and respond to network and system incidents. With a specific focus on the identification and remediation of incidents involving host and network devices, students will cover topics such as Threat Intelligence Collection, Investigative Techniques, Creating Playbooks, and Malware Triage. Lab exercises utilize the Project Ares Cyber Range and Wireshark network protocol analyzer software.
The Certified Cyber Incident Response Manager course is a component of the career progression track that supports the required Categories, Specialty Areas and Work Roles as defined by the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. It provides a common language to speak about cyber roles and jobs and can be referenced to define professional requirements in cybersecurity.
Upon completion of online courses, students will be prepared to sit for the knowledge assessment exam. The online examination will consist of True/False, Multiple Choice, and Fill in the Blank questions. The exam may be taken at any time within 3 months of completing the certification course.
Students will have two hours to complete a computer-based examination consisting of 100 questions. A score of 70% or higher is required to earn the certification. Upon successful completion of the exam, students will be sent a hardcopy of their certification and their CPE credit documentation via email (PDF format) within 72-hours of the exam date.
The examination is “closed book.” However, students will be allowed to use their notes on material presented during the course as well as their Course Workbooks.Project Ares Video