ENISA training resources for cybersecurity incident response
A really useful free training course
ENISA (European Union Agency for Network and Information Security) is a centre of expertise for cyber security in Europe. Its main mission is to contribute to securing Europe’s information society by raising “awareness of network and information security and to develop and promote a culture of network and information security in society for the benefit of citizens, consumers, enterprises and public sector organizations in the Union”.
To build this awareness, ENISA has published free training courses, with handbooks, toolsets and virtual images to support the training sessions:
ENISA CSIRT training material was introduced in 2008. In 2012, 2013 and 2014 it was complemented with new exercise scenarios containing essential material for success in the CSIRT community and in the field of information security. In these pages you will find the ENISA CSIRT training material, containing Handbooks for teachers, Toolsets for students and Virtual Images to support hands-on training sessions.
The ENISA CSIRT training material covers four main areas: Technical; Operational; Setting Up a CSIRT; and Legal and Cooperation.
Technical
- Building artefact handling and analysis environment
- Processing and storing artifacts
- Artefact analysis fundamentals
- Advanced artefact handling
- Introduction to advanced artefact analysis
- Dynamic analysis of artefacts
- Static analysis of artefacts
- Forensic analysis: Local Incident Response
- Forensic analysis: Network Incident Response
- Forensic analysis: Webserver Analysis
- Developing Countermeasures
- Common framework for artefact analysis activities
- Using indicators to enhance defence capabilities
- Identification and handling of electronic evidence
- Digital forensics
- Mobile threats incident handling
- Mobile threats incident handling (Part II)
- Proactive incident detection
- Automation in incident handling
- Network forensics
- Honeypots
- Vulnerability handling
- Presenting, correlating and filtering various feeds
Operational
- Incident handling during an attack on Critical Information Infrastructure
- Advanced Persistent Threat incident handling
- Social networks used as an attack vector for targeted attacks
- Writing Security Advisories
- Cost of ICT incident
- Incident handling in live role playing
- Incident handling in the cloud
- Large scale incident handling
Setting Up a CSIRT
Legal and Cooperation
- Establishing external contacts
- Cooperation with law enforcement
- Assessing and Testing Communication Channels with CERTs and all their stakeholders
- Identifying and handling cyber-crime traces
- Incident handling and cooperation during phishing campaign
- Cooperation in the Area of Cybercrime
- CERT participation in incident handling related to the Article 13a obligations
- CERT participation in incident handling related to the Article 4 obligations
Enjoy!
https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material