This comprehensive 3-day course is designed to equip participants with the essential skills and knowledge needed for effective cyber security incident handling and response. Ideal for professionals looking to enhance their incident management capabilities, this course prepares attendees to tackle a wide range of security incidents as well as the CPIA (CREST Practitioner Intrusion Analyst) Exam.
Upon completion of this course, participants will be able to:
- Establish a robust incident response plan by defining the scope and context of incidents.
- Implement security by design principles to enhance overall system resilience.
- Develop and deploy effective incident response strategies tailored to various types of security incidents.
- Integrate digital forensics practices into the incident response process for better evidence collection and analysis.
- Manage and respond to specific incidents, including malware attacks, email security breaches, network vulnerabilities, web application threats, cloud security issues, and insider threats.
- Design performance metrics to evaluate the effectiveness of incident response efforts and continuously improve processes.
Day 01
1. Introduction to Incident Handling and Response
1.1. Review of Enterprise Governance and Business Continuity
1.2. Review Threat Intelligence
1.3. Overview of Incident Response Frameworks
2. Incident Handling and Response Process
2.1. Define the scope and Context for Incident Response Plan
2.2. Security By Design
2.3. Deployment and Implementation
3. Forensic Readiness and First Response
3.1. Introduction to Digital Forensics
3.2. Forensics Readiness
3.3. Digital Forensic and Incident Response
Day 02
4. Handling and Response to Malware Incidents
4.1. Dynamic Application Review
4.2. Static Application Review
4.3. Critical Areas of Assessment
5. Handling and Responding to Email Security Incidents
5.1. Define the Scope, objective of Incident Response Plan related to Email Security Incidents
5.2. Design and Develop Incident Response Plan
5.3. Define Performance Metrics Guidelines
6. Handling and Responding to Network Security Incidents
6.1. Define the Scope, objective of Incident Response Plan related to Network Security Incidents
6.2. Design and Develop Incident Response Plan
6.3. Define Performance Metrics Guidelines
6.4. Critical Area of Assessment
Day 03
7. Handling and Responding to Web Application Security Incidents
7.1. Define the Scope, objective of Incident Response Plan related to Web Application Security Incidents
7.2. Design and Develop Incident Response Playbook
7.3. Define Performance Metrics Guidelines
7.4. Critical Area of Assessment
8. Handling and Responding to Cloud Security Incidents
8.1. Define the Scope, objective of Incident Response plan related to Email Cyber attacks
8.2. Design and Develop Incident Response Playbook
8.3. Define Performance Metrics Guidelines
8.4. Critical Area of Assessment
9. Handling and Responding to Insider Threats Incidents
9.1. Define the Scope, objective of Incident Response plan related to Insider Threat Security Incidents
9.2. Design and Develop Incident Response Playbook
9.3. Define Performance Metrics Guidelines
9.4. Critical Area of Assessment
- Aspiring incident response team members in information security
- Practitioners seeking CREST Registration
- System administrators handling attacks
- Incident handlers wanting to learn about Digital Forensics
- Government departments aiming to enhance security team skills
- Law enforcement officers expanding investigative expertise
- Information security managers updating on current techniques
- Individuals interested in a career in Intrusion Analysis or Digital Forensics, meeting prerequisites
Pre-requisites
The CPIA (CREST Practitioner Intrusion Analyst) has no prerequisite exam but is the prerequisite to the CRIA (CREST Registered Intrusion Analyst) exam.
The CPIA exam is an entry-level exam that tests a candidate’s knowledge in assessing fundamental aspects of Incident Response below that of the CRIA qualification. This includes administration and incident management, the core technical skills required to deal with an incident, Information Gathering, Network and Host Intrusion knowledge and Malware Analysis to a basic level.
CPIA validates a practitioner’s knowledge of Incident Response beyond terminology. Successful CPIA candidates will be able to demonstrate that they are qualified for hands-on Incident Response roles (indicative of 2 years experience) with respect to:
– Soft Skills and Incident Handling
– Core Technical Skills
– Background Information Gathering and Open Source
– Network Intrusion Analysis
– Analysing Host Intrusions
– Malware Analysis/Reverse Engineering
Number of Questions : 120
Duration : 2 Hours
Format : Multiple choice questions
Location : Pearson Vue Testing Center
Passing Score
Successful candidates must score 60% of the available marks. That is:
– at least 72 marks from the written component (possible total: 120 marks)
2025
Feb
3 – 5
May
26 – 28
Aug
4 – 6
Nov
24 – 26
Course Fee
Course Fee w/o GST | $1,650.00 |
Course Fee w. GST | $1,798.50 |
SME (Company Sponsored) – All Singaporean and Permanent Resident Employee | $643.00 |
Singapore Citizens aged 40 years old and above | $643.00 |
Singapore Citizen below 40 years old and Permanent Residents | $973.00 |
Exam Fee
Exam Voucher is non-inclusive and optional. Please contact us for more info.