| Web Link | http://www.natoschool.nato.int/Academics/Resident-Courses/Course-Catalogue/Course-description?ID=106 |
| Last Date Updated | 02/Jun/2023 2:26 |
| Training Institution | NATO - School Oberammergau (NSO) |
| Discipline | Cyberspace Operations (COP) |
| Area | Cyber Defence Operations (CD) |
| Depth of knowledge Level | 300 - Advance |
| NATO Course Certification | NATO Approved |
|
| Course Code | COP-CD-31395 |
| Course Title | Cyber Incident Handling & Disaster Response Course |
| ETF Course Code | M6-110 |
| Delivery Method | Blended |
| Course Description | The aim of this course is to prepare students to address the nature and scope of cyber security incident handling services, including intrusion/incident detection, damage control, service continuity, forensic analysis, service/data restoration, and incident reporting. |
| Course Notes | For further information (e.g. list of eligibility requirements) please refer to the full course description via the above given web link. |
|
| Aim of the Course | To address the nature and scope of cyber security incident handling services, including intrusion/incident detection, damage control, service continuity, forensic analysis, service/data restoration, and incident reporting. |
| Performance Objectives |
| 1 |
Examine Incident Handling and Response (IHR) terminology, core concepts and methodologies, in accordance with a model framework
|
|
| 2 |
Examine best practices on establishing,managing and staffing an incident response team, such as Computer Security Incident Response Team (CSIRT) and Computer Emergency Response Team (CERT)
|
|
| 3 |
Comprehend and review current IR Policy and best practices and assess an organization’s adherence to them
|
|
| 4 |
Systematize disaster recovery concepts, the remediation process, and requirements for implementation in an organization
|
|
| 5 |
Assess the fundamentals of network- and host-based analysis tools and techniques
|
|
| 6 |
Examine the fundamentals of malware triage, handling and analysis
|
|
|
|
| Course Language(s) | |
| Structure of the Course | Resident (1 wk) - eLearning (8 wk) - Resident (1 wk) |
|
| Active Course | Yes |
| Course Active from | 01/Jan/2011 |
| Course Deactivated on | 31/Dec/2028 |
| Course Duration (in days) | 10.0 |
| Pre-Req (System Non Verified) | Pre-requisite(s): The students will be expected to know some basic information on operating systems, programming, networking, and information assurance. Preferably, to be graduates of the first two courses of the Cyber Security Professional Certificate P |
|
| Security Clearance | NU: NATO UNCLASSIFIED |
| Training Audience | M: NATO, PfP, MD, ICI and other nations as approved |
| ePrime Reference Number | ACT.468 |
|
| Tuition Fee per Student (Euro) | 0.00 |
| Fees for Accommodation and Meals (Euro) | 0.00 |
|
| Payment Authority |
|
| Select the Level 1 Eval associated with this course. |
| Level 1 Eval | None |
| The Level 2 Test dropdown currently only applies to SCORM compliant courses. |
| Level 2 Test | None |
| Two Step Application Override (Reqs approval for applying into Iteration) | No |
| Submit course for ETOC Upload | No |
| Requires Secure Access | No |