ENISA CERT training

Posted by Theodore on Thursday, December 18, 2014
ENISA has launched a new section on its website introducing the ENISA CERT training program. In the new section, you can find all the publicly available training resources and the training courses currently provided by ENISA.
The material has been categorized into 4 main topics:
  • Technical,
  • Operational,
  • Setting up a CERT, and
  • Legal and cooperation.
Additionally, various tools for hands-on training (such as Virtual Machines) are provided. In 2014, training scenarios were added covering various topics in the area of artifact handling and analysis. Artifact analysis involves receiving information about artifacts that are used in attacks, reconnaissance, and other unauthorized or disruptive activities. The resulting course covers building an artifact handling and analysis environment, the fundamentals of artifact analysis, advanced artifact analysis, and a common framework for artifact analysis activities.

Visit the new page and material here.

Topics

Technical
  • Building artifact handling and analysis environment
  • Processing and storing artifacts
  • Artifact analysis fundamentals
  • Advanced artifact handling
  • Developing Countermeasures
  • Common framework for artifact analysis activities
  • Identification and handling of electronic evidence
  • Digital forensics
  • Mobile threats incident handling
  • Proactive incident detection
  • Automation in incident handling
  • Network forensics
  • Honeypots
  • Vulnerability handling
  • Presenting, correlating and filtering various feeds
Operational
  • Incident handling during an attack on Critical Information Infrastructure
  • Advanced Persistent Threat incident handling
  • Social networks used as an attack vector for targeted attacks
  • Writing Security Advisories
  • Cost of ICT incident
  • Incident handling in live role playing
  • Incident handling in the cloud
  • Large scale incident handling
Setting Up a CERT
  • Triage & Basic Incident Handling
  • Incident handling procedure testing
  • Recruitment of CERT staff
  • Developing CERT infrastructure
Legal and Cooperation
  • Establishing external contacts
  • Cooperation with law enforcement
  • Assessing and Testing Communication Channels with CERTs and all their stakeholders
  • Identifying and handling cyber-crime traces
  • Incident handling and cooperation during phishing campaign
  • Cooperation in the Area of Cybercrime
  • CERT participation in incident handling related to the Article 13a obligations
  • CERT participation in incident handling related to the Article 4 obligations
