Information Security Training cyber security incident handling


Hands-On | 42 Hours, 7 Days | CSIH Exam Attempt | Online LAB Access

Laptop Required | Aligned with NIST Incident Handling Guidelines

Adoption of Incident Handling Process, helps an organization to get ready for any undesired circumstances and security attack scenarios. An organized and careful reaction to an incident can make the difference between complete recovery and total disaster. 

Hack2Secure’s Workshop on Incident Handling provides hands-on exposure using both Real-Time scenarios and Simulated Lab environment to detect, analyze, contain and handle different Security Risks and Attack vectors. This program provides well-known, recognized, step-by-step Incident Handling process required to respond against different Cyber Security Incidents types.

What you will Receive?

  • Interactive Sessions [Class Room / Live Online]
  • Online Lab Access
    • Plug & Play, Cloud Based
  • CSIH Cert Attempt Voucher
    • 1 Attempt, 6 months Validity
    • Globally Proctored and Delivered by Pearson VUE
  • Training Completion Certificate

What NOT to Expect?

  • Deep-dive to Information Security Basic concepts, apart from scoped curriculum
  • Any distribution of License or Key of Commercial Security Tools
  • Job Opportunity (Though, it will be easy to find with this curriculum and skill-set)


  • Awareness on different Network/Web/Application Security Attacks
  • Understanding of UNIX & WINDOWS Operating System

Laptop Required

Hack2Secure will provide access to its Cloud based Lab Environment including access to Vulnerable Server and required Security Tools. To access same, Students are required to have sufficient configuration supporting Laptop and Internet Speed.

Min. Laptop Configuration

  • Operating System: Windows 7, 8, 8.1, 10
  • RAM: Min. 4 GB (Recommended)
  • Networking: LAN Port

Cyber Security Incident Handling: Workshop Info

Incident Handling Steps & Process: Deep Dive Attack types and Defensive measures
Reconnaissance, Google Hacking Spoofing, Cache Poisoning
Exploiting Accounts & Passwords Buffer Overflow
Session Management Flaws SQLi, XSS
Worms, Bots, Trojan Horses Backdoors & Rootkits
Covering Attack Tracks Wireshark, Scapy
Metasploit Framework Burp Suite, NMap, Netcat

Interactive Sessions [Class Room / Live Online]
Online Lab Access
CSIH Cert Attempt Voucher
Training Completion Certificate

Security Team
  • Security Engineers, Testers, Analyst
  • InfoSec Incident Handlers
  • System & Network Security Admins
  • Security Managers, Consultants, Auditors
R&D Team
  • Software Consultants
  • Research Engineers
  • Team Leads, Tech. Managers

Workshop Modules

Incident Handling: Process

  • About, Definitions, Benefits
  • NIST SP 800-61
  • Phase#1: Preparation
  • Phase#2: Identification
  • Phase#3: Containment
  • Phase#4: Eradication
  • Phase#5: Recovery
  • Phase#6: Lessons Learned
  • Handling Common Incident Types


  • DNS Protocol: Analysis
  • Open Source Intelligence
  • Google Hacking
  • Handling Incidents & Defense Measures

Mapping, Sniffing & Scanning

  • Network Mapping & Port Scanning
  • Fragmentation Attacks
  • Nmap, Wireshark
  • Nikto, Netcat
  • Handling Incidents & Defense Measures

Attack: Spoofing & Hijacking

  • Packet Spoofing & Session Hijacking
  • Scapy
  • DNS Cache Poisoning
  • Handling Incidents & Defense Measures

Attack: Accounts & Passwords

  • Authentication: About, Schemes
  • Username Harvesting, Password Attacks
  • Handling Incidents & Defense Measures

Attack: Buffer Overflow

  • About, Types
  • Format String Vulenrability
  • Handling Incidents & Defense Measures

Attack: Web Applications

  • Session Management Flaws
  • SQL Injection (SQLi)
  • Cross Site Scripting (XSS)
  • Command Injection:
  • Handling Incidents & Defense Measures

Attack: Malware

  • Malwares: Intro
  • Worms: About, Types & Working
  • Bots: About, Working
  • Handling Incidents & Defense Measures

Attack: Denial of Service

  • About, Working & Types
  • Handling Incidents & Defense Measures

Maintaining Access

  • Backdoors: Working, Detection Methods
  • Trojan Horses: Working, Capabilities
  • Rootkits: Working, Types, Techniques
  • Handling Incidents & Defense Measures

Covering Tracks

  • File Hiding Techniques
  • Tunneling & Covert Channel
  • Steganography: Working, Techniques
  • Handling Incidents & Defense Measures

Send Details

Incident Handling Workshop [Reference Guide]

Cyber Security Incident Handler

Evaluate your skills in Detection & Containment of Cyber Security Incidents

csih certification
   Explore Blogs  About H2S