CERT Training Material

Summary

Thematic focus

Technical: Building artefact handling and analysis environment, processing and storing artifacts, artefact analysis fundamentals, advanced artefact handling, introduction to advanced artefact analysis, new dynamic analysis of artefacts, static analysis of artefacts, developing countermeasures, common framework for artefact analysis activities, using indicators to enhance defence capabilities, identification and handling of electronic evidence, digital forensics, mobile threats incident handling, mobile threats incident handling (Part II), proactive incident detection, automation in incident handling, network forensics, honeypots, vulnerability handling, presenting, correlating and filtering various feeds

Operational: Incident handling during an attack on Critical Information Infrastructure, advanced Persistent Threat incident handling, social networks used as an attack vector for targeted attacks, writing Security Advisories, cost of ICT incident, incident handling in live role playing, incident handling in the cloud, large scale incident handling

Setting Up a CERT: Triage & Basic Incident Handling, incident handling procedure testing, recruitment of CERT staff, developing CERT infrastructure, legal and cooperation, establishing external contacts, cooperation with law enforcement, assessing and testing communication channels with CERTs and all their stakeholders, identifying and handling cybercrime traces, Incident handling and cooperation during phishing campaign, cooperation in the area of cybercrime, CERT participation in incident handling related to the Article 13a obligations, CERT participation in incident handling related to the Article 4 obligations