Certified Cyber Incident Response Manager

Certified Cyber Incident Response Manager WebPage Image

Course Overview

As organizations continue to rely on expanding infrastructure in an increasingly hostile threat landscape, the escalation of incidents involving malicious actors poses critical risks to information systems and networks. The ability to identify threats, respond to incidents, restore systems, and enhance security postures is vital to the survival of the operation.

The Certified Cyber Incident Response Manager certification course brings Incident Response core competencies to advanced levels by presenting students with 16 detailed learning objectives. Students will be provided with the knowledge and the practical skills needed to investigate and respond to network and system incidents. With a specific focus on the identification and remediation of incidents involving host and network devices, students will cover topics such as Threat Intelligence Collection, Investigative Techniques, Creating Playbooks, and Malware Triage. Practical lab exercises utilize Wireshark, a packet capturing tool used in real-world investigations.

Learning Objectives

01) Overview of The Incident Response Life Cycle
02) Understanding the Threat Landscape
03) Building an Effective Incident Response Capability
04) Preparing for Incident Response Investigations
05) Vulnerability Assessment and Management
06) Identifying Network and System Baselines
07) Indicators of Compromise and Threat Identification
08) Investigative Principles and Lead Development
09) Threat Intelligence Collection and Analysis
10) Overview of Data Forensics and Analysis
11) Host-Based Data Collection Practices
12) Network-Based Data Collection Practices
13) Static and Dynamic Malware Triage
14) Incident Containment and Remediation
15) Incident Reporting and Lessons Learned
16) Creating Playbooks and Response Scenarios

Upcoming Sessions

Session 1

OCTOBER 19-23, 2020
Monday-Friday, 8:00AM – 5:00PM
Location: Online with Live Instruction
Payment Due by October 12th


Session 2

NOVEMBER 16-20, 2020
Monday-Friday, 8:00AM – 5:00PM
Location: Online with Live Instruction
Payment Due by November 9th


Course Layout

Total Course Hours: 38

  • Lecture: 24 Hours
  • Lab: 10 Hours
  • Exam Prep: 2 Hours
  • Certification Exam: 2 Hours

Course Cost

$3,500, includes:

  • Course Textbook
  • Exam Prep Guide
  • Lab Textbook
  • CPE Completion Certificate
  • Wireshark Lab Exercises
  • Course Certification Certificate
  • External Drive with Lab Images
  • Certification Exam

Financial Assistance

Phase 2 Advantage is now offering 100% financing at student loan rates for this course. (Please note: This financing is available through Phase2Advantage and not through Savannah Technical College). Click below to learn more about available financing available through Phase2Advantage.

Phase2Advantage Financing Banner

Career Outlook