This bootcamp will serve as an extension of the IHRP Cloud Fundamentals bootcamps, delving into the phases of incident handling and response and applying that knowledge in a fundamental, general way to detection, analysis, and containment. Students will have the opportunity to see how they can detect and respond to intrusion attempts in a cloud environment, with no particular focus on a specific cloud. The bootcamp will also cover some key configuration challenges to improve the effectiveness of the cloud deployment. Students will find this a useful introduction to configuration and use for incident handling and response in the cloud.
IHRP for Cloud Fundamentals
August 18th - 20th, 11:00 AM - 2:00 PM EDT
Premium & Business Subscribers Get Unlimited Access to All Bootcamps or They Can Be Purchased Separately.
Watch The Recorded Bootcamp
We record each Bootcamp and make it available to watch on my.ine.com. (Premium Required)
ABOUT THE INSTRUCTOR
Dr. Christopher Leach
Throughout his tenured Cyber Security career, Christopher has worked in a variety of leadership roles and at all levels of support and administration on a nationwide scale. Most recently he worked as a Senior Vulnerability Management Engineer and Threat Vulnerability and Patch Engineer. He has also worked as a Senior System and Network Engineer and has held the role of IT Manager and Senior Consultant. In addition, he donates time to the Department of the Navy every month to help service members to stay in compliance with Security Clearance.
A few notable accomplishments include working on what would become the current Moderna COVID-19 vaccine as well as working towards his Ph.D. in Cyber Security and Information Assurance. He earned a Master’s degree in Cyber/Computer Forensics and Counter Terrorism from Western Governors University, and is in the final stages of earning his Doctor of Technology, Cybersecurity and Information Assurance from Colorado Technical University. Christopher is an honorary member of the Order of the Sword & Shield, Omicron Sigma Sigma.
Certifications: CompTIA: A+, Net+, Sec+, Project+, Linux+; ECC: CEH/CNDA/CHFI; Cisco: CCNA:R&S, Sec+; AWS: Associate, Security
ITINERARY
DAY 1 11 AM - 2 PM EDT
- Course Introduction
  - Scope of course
  - What to expect
  - Course | class setup
- Incident Handling & Response Process
  - What is IR-4 & IR-9 in the Cloud
  - Preparation
  - Detection & Analysis
  - Investigation
  - Containment & Eradication
- Break
- Preparation
  - SIEM Fundamentals - How to deploy a SIEM in the Cloud?
  - Open Source Solutions for Cloud
  - LAB - AWS Lab SPLUNK Deploy
- Q&A
DAY 2 11 AM - 2 PM EDT
- Detection & Analysis
  - Incident Identification & Analysis
  - Detecting & Preventing Against Passive Recon in the Cloud
  - Detecting & Preventing Against Active Recon in the Cloud
  - Detecting & Preventing Against Exploitation in the Cloud
- Break
- Investigation
  - Network Traffic Log Identification & Analysis
  - Resource Logs & Analysis
  - Endpoint Analytics and Deployment Processes
- Q&A
DAY 3 11 AM - 2 PM EDT
- Containment & Eradication
  - How Containment in the cloud is completed
  - Eradication Process & Compromise Removal
- Break
- Recovery & Post Mortem Review
  - Incident Closure & Post-Mortem Review
  - Backup & Restoration Testing
- Q&A