CREST Certified Incident Manager

The National Cyber Security Strategy sets a strategic objective of making the UK more resilient to cyber attacks. Such attacks can vary in terms of persistence, sophistication and impact. In order to assist organisations with their response to a potential compromise, there is a twin track approach for the provision of certified Cyber Incident Response services. A broad-based scheme focused on maintaining an appropriate standard for incident response, managed by an industry professional body, delivered by industry and endorsed by CESG and CPNI. This scheme is currently administered by CREST and is known as the CREST Certified Incident Response Scheme (CSIR). A small focused Government run Cyber Incident Response (CIR) scheme certified by CESG and CPNI. Industry partners deliver services that are focused on responding to sophisticated targeted cyber attacks against networks of national significance. From August 2015, the UK Government will require that companies providing Cyber Incident Response services within the terms of the CESG/CPNI CIR scheme, have at least one qualified CREST Certified Incident Manager on their team. The CIR scheme is certified by CESG and CPNI to deliver a focused service dealing with sophisticated, targeted attacks on networks of national significance.

Course syllabus:

  1. Soft Skills and Incident Handling

  2. Core Technical Skills

  3. Background Information Gathering & Open Source

  4. Network Intrusion Analysis

  5. Analysing Host Intrusions

  6. Reverse Engineering Malware

  7. Incident Management

  8. Computer Networking Fundamentals

  9. Virtualisation Technologies

  10. Platform Security

  11. Identification and Access Management

  12. Applications

  13. Virtualisation Technologies

  14. Security Methodologies

  15. Security Vulnerabilities & Prevention Techniques