Education and Training Opportunities Catalogue (ETOC)

Click on different tabs to view the course relevant details. To launch ETOC, login into e-ITEP system with your login credentials.
View Course


Web Link
Last Date Updated15/Jul/2022 8:55
Training InstitutionNATO - School Oberammergau (NSO)
DisciplineCyberspace Operations (COP)
AreaCyber Defence Operations (CD)
Depth of knowledge Level300 - Advance
NATO Course CertificationNATO Approved

Course CodeCOP-CD-31395
Course TitleCyber Incident Handling & Disaster Response Course
ETF Course CodeM6-110
Delivery MethodBlended
Course DescriptionThe aim of this course is to prepare students to address the nature and scope of cyber security incident handling services, including intrusion/incident detection, damage control, service continuity, forensic analysis, service/data restoration, and incident reporting.
Course NotesFor further information (e.g. list of eligibility requirements) please refer to the full course description via the above given web link.

Learning Objectives1. Summarize Incident Handling and Response Methodologies: Given lectures and quizzes, students will be able to summarize typical Incident Handling and Response terminology and methodologies, in accordance with the model framework. 2. Describe how CSIRT and CERT are managed and staffed: Based on lectures, online labs and quizzes, students will be able to describe how a Computer Security Incident Response Team (CSIRT) at the local command level and Community Emergency Response Teams (CERT) on a National Level are created, managed and staffed. 3. Create an Incident Response Policy: Given lectures, online labs and quizzes, students will be able create an Incident Response Policy, based on the organization’s structure, that methodically handles such incidents as Denial of Service (DOS), unauthorized access, inappropriate usage of the network, insider threats, and even multiple components incidents. 4. Prepare a Disaster Recovery Plan: Based on lectures, online labs and quizzes, students will be able to explain the principles of disaster recovery, including preparation of a disaster recovery plan, assessment of risks in the enterprise, development of policies, and procedures, and attentiveness to the roles and relationships of various members of an organization, implementation of the plan, and recovering from a disaster. 5. Describe System Fundamentals: Given lectures, online labs, and quizzes, students will be able to describe the fundamentals of system–level and data-level recovery tools and techniques, utilizing different recovery techniques, including back-up and recovery technologies and the use of virtualization.
Course Language(s)

Structure of the CourseResident (1 wk) - eLearning (8 wk) - Resident (1 wk)

Active CourseYes
Course Active from01/Jan/2011
Course Deactivated on31/Dec/2027
Course Duration (in days)10.0

Training AudienceM: NATO, PfP, MD, ICI and other nations as approved
ePrime Reference NumberACT.468

Tuition Fee per Student (Euro)0.00
Fees for Accommodation and Meals (Euro)0.00

Payment Authority

Select the Level 1 Eval associated with this course.
The Level 2 Test dropdown currently only applies to SCORM compliant courses.
Two Step Application Override (Reqs approval for applying into Iteration)No
Submit course for ETOC UploadNo
Requires Secure AccessNo