IMTS Training Institute (New)

Cybersecurity

EC-Council Incident Handling (ECIH, CTIA, and CSA) and CompTIA CySA+ Bundle

Instructor

TBD TBD


Course Overview

Certified SOC and Incident Handling Bundle

SKU: EC-Council-106

MSRP: $3999

Sales Price: $3799

High-level description: The SOC and Incident Handling Bundle equips current and aspiring SOC analysts with the skills needed to excel in today’s cybersecurity landscape. This comprehensive program includes the Certified SOC Analyst (CSA), Certified Threat Intelligence Analyst (CTIA), EC-Council Incident Handler (ECIH), and CompTIA CySA+ certifications. The bundle covers foundational concepts, SOC operations, log management, SIEM deployment, advanced incident detection, threat intelligence, and incident response, delivered through a blend of live online and self-paced training by industry experts.

Course Delivery:

  1. Official EC-Council ECIH: Live Online ILT
  2. Contact us to schedule
  3. Official EC-Council CSA: Self-paced Online ILT
  4. Official EC-Council CTIA: Self-paced Online ILT
  5. ITI Custom CompTIA CySA+: Self-paced Online ILT
  6. Official CompTIA CySA+: Self-paced Online ILT

Duration:

  1. Official EC-Council CSA (Live): 3 Days
  2. Official EC-Council CSA (Self-paced): 3 Days
  3. Official EC-Council CTIA (Self-paced): 2 Days
  4. ITI Custom CompTIA CySA+ (Self-paced): ~2.5 days (18 hours)
  5. Official CompTIA CySA+ (Self-paced): ~ 3 days

ITI Custom CompTIA CySA+: Gain expertise in cybersecurity analytics with our CompTIA CySA+ course, covering essential concepts and practices.

Course Highlights:

  1. Duration: 6+ hours
  2. Content: 80+ On-demand Videos
  3. Exam Prep: 100 Prep Questions
  4. Certificate of Completion for CompTIA CySA+

Topic Areas Included:

  1. Threat and Vulnerability Management
  2. Software and Systems Security
  3. Security Operations and Monitoring
  4. Incident Response
  5. Compliance and Assessment

Modules:

  1. Module 1 – CompTIA CySA+ CS0-003 Basics
  2. Module 2 – CompTIA CySA+ CS0-003 Domain 1 – Security Operations
  3. Module 3 – CompTIA CySA+ CS0-003 Domain 2 – Vulnerability Management
  4. Module 4 – CompTIA CySA+ CS0-003 Domain 3 – Incident Response and Management
  5. Module 5 – CompTIA CySA+ CS0-003 Domain 4 – Reporting and Communication
  6. Module 6 – CompTIA CySA+ CS0-003 – Course Closeout

Labs Included (12 hours):

  1. System & Network Security Implementation Concepts
  2. Threat Intelligence & Threat Gathering Concepts
  3. Techniques to Determine Malicious Activity
  4. Vulnerability Scanning Tools & Techniques
  5. Identifying & Analyzing Malicious Activity
  6. Tools for Identifying Malicious Activity
  7. Attack Methodology Frameworks
  8. Vulnerability Data Analysis and Prioritization
  9. Incident Response Management Techniques
  10. Incident Response Communication & Reporting
  11. Vulnerability Reporting Concepts
  12. Vulnerability Patching & Attack Surface Management

CompTIA CertMaster Learn and Labs Descriptions:

CompTIA CySA+ (CS0-003) CertMaster Learn and Labs: CertMaster Learn is a comprehensive eLearning experience that helps learners gain the knowledge and practical skills necessary to be successful on CompTIA certification exams, and in their IT career. A Learning Plan helps learners stay on track with their studies, while robust analytics bring awareness of strengths and weaknesses.

CertMaster Labs make it easy for learners to practice and apply their skills in real workplace scenarios in preparation for the certification exam. All lab activities use real equipment and software, offer feedback and hints, and provide a score based on learner inputs, ultimately guiding learners to the most correct and efficient path through job tasks.

In the integrated experience, CertMaster Labs are integrated as Study Tasks within the CertMaster Learn Learning Plan, accessible through a single login and seamless workflow.

CertMaster Learn Features:

  1. Lessons cover all exam objectives with integrated videos
  2. Hundreds of practice questions test your knowledge
  3. Performance-based questions apply what you’ve learned in a scenario
  4. Assisted Labs guide you step-by-step through tasks
  5. Applied Labs present goal-oriented scenarios and require critical thinking and analysis
  6. Flashcards ensure you know the terminology and acronyms required for the exam
  7. The Learning Plan keeps you on track with your studies

Topics Covered:

  1. Lesson 1: Understanding Vulnerability Response, Handling, and Management
  2. Lesson 2: Exploring Threat Intelligence and Threat Hunting Concepts
  3. Lesson 3: Explaining Important System and Network Architecture Concepts
  4. Lesson 4: Understanding Process Improvement in Security Operations
  5. Lesson 5: Implementing Vulnerability Scanning Methods
  6. Lesson 6: Performing Vulnerability Analysis
  7. Lesson 7: Communicating Vulnerability Information
  8. Lesson 8: Explaining Incident Response Activities
  9. Lesson 9: Demonstrating Incident Response Communication
  10. Lesson 10: Applying Tools to Identify Malicious Activity
  11. Lesson 11: Analyzing Potentially Malicious Activity
  12. Lesson 12: Understanding Application Vulnerability Assessment
  13. Lesson 13: Exploring Scripting Tools and Analysis Concepts
  14. Lesson 14: Understanding Application Security and Attack Mitigation Best Practices

Labs Available:

  1. Assisted Lab: Exploring the Lab Environment
  2. Assisted Lab: Configuring Controls
  3. Assisted Lab: Reviewing IoC and Threat Intelligence Sources
  4. Assisted Lab: Performing Threat Hunting
  5. Assisted Lab: Configuring Centralized Logging
  6. APPLIED LAB: Performing System Hardening
  7. Assisted Lab: Assess Time Synch Errors
  8. Assisted Lab: Configuring Automation
  9. Assisted Lab: Performing Asset Discovery
  10. Assisted Lab: Performing Vulnerability Scanning
  11. Assisted Lab: Performing Passive Scanning
  12. Assisted Lab: Establishing Context Awareness
  13. Assisted Lab: Analyzing Vulnerability Reports
  14. Assisted Lab: Detecting Legacy Systems
  15. APPLIED LAB: Performing Post-Incident Forensic Analysis
  16. APPLIED LAB: Performing IoC Detection and Analysis
  17. ADAPTIVE LAB: Performing Playbook Incident Response
  18. APPLIED LAB: Collecting Forensic Evidence
  19. Assisted Lab: Performing Root Cause Analysis
  20. APPLIED LAB: Using Network Sniffers
  21. APPLIED LAB: Researching DNS and IP Reputation
  22. Assisted Lab: Using File Analysis Techniques
  23. Assisted Lab: Analyzing Potentially Malicious Files
  24. Assisted Lab: Using Nontraditional Vulnerability Scanning Tools
  25. APPLIED LAB: Performing Web Vulnerability Scanning
  26. Assisted Lab: Exploiting Weak Cryptography
  27. Assisted Lab: Performing and Detecting Directory Traversal and Command Injection
  28. Assisted Lab: Performing and Detecting Privilege Escalation
  29. Assisted Lab: Performing and Detecting XSS
  30. Assisted Lab: Performing and Detecting LFI/RFI
  31. Assisted Lab: Performing and Detecting SQLi
  32. Assisted Lab: Performing and Detecting CSRF
  33. APPLIED LAB: Detecting and Exploiting Security Misconfiguration

CSA Description: Prepare for a career in a Security Operations Center (SOC) with our CSA course, which provides 24 hours of content focusing on SOC operations. This course covers the essentials of working in a SOC, from understanding SOC infrastructure to performing advanced incident detection and response. The lab-intensive CSA program emphasizes a holistic approach to delivering advanced knowledge of how to identify and validate intrusion attempts.

Topics Covered:

  1. Introduction to SOC
  2. Understanding Cyber Threats, IoCs, and Attack Methodologies
  3. Incident Detection with SIEM
  4. Incident Response
  5. Threat Intelligence, Threat Modeling, and Threat Hunting
  6. Post Incident Response

Exam Information: The course includes an exam voucher. The CSA exam can be taken online through the EC-Council’s remote proctoring service or at authorized testing centers.

License Information: One license provides access to the CSA course for 12 months. Access keys must be redeemed within 12 months of purchase.

How to Access: Instructions for accessing the course will be emailed after purchase.


CTIA Description: This course covers the fundamentals of threat intelligence, including its types, lifecycle, strategy, and frameworks. It explores various cybersecurity threats and attack frameworks such as APTs, Cyber Kill Chain, MITRE ATT&CK, and Diamond Model. Participants will learn the steps involved in planning a threat intelligence program, data collection methods, and processing techniques. The course also delves into threat data analysis, threat modeling, creating and sharing intelligence reports, threat hunting, and using Python scripting for automation and intelligence sharing in SOC operations and incident response.

Topics Covered:

  1. Introduction to Threat Intelligence
  2. Cyber Threats and Attack Frameworks
  3. Requirements, Planning, Direction, and Review
  4. Data Collection and Processing
  5. Data Analysis
  6. Intelligence Reporting and Dissemination
  7. Threat Hunting and Detection
  8. Threat Intelligence in SOC Operations, Incident Response, & Risk Management

Exam Information: The course includes an exam voucher. The CTIA exam can be taken online through the EC-Council’s remote proctoring service or at authorized testing centers.

License Information: One license provides access to the CTIA course for 12 months. Access keys must be redeemed within 12 months of purchase.

How to Access: Instructions for accessing the course will be emailed after purchase.

ECIH Description: Prepare for effective incident handling with our ECIH course, which provides 24 hours of content focusing on incident management. This course covers the essentials of incident handling, from identifying security incidents to responding to and recovering from them.

Topics Covered:

  1. Introduction to Incident Handling and Response
  2. Incident Handling and Response Process
  3. Forensic Readiness and First Response
  4. Incident Handling Tools and Techniques
  5. Incident Handling Policies and Laws
  6. Risk Assessment
  7. Handling Different Types of Incidents
  8. Incident Recovery Techniques

Exam Information: Each course includes an exam voucher. The EC-Council exams can be taken online through the EC-Council’s remote proctoring service or at authorized testing centers, and CompTIA exams can be taken online through Pearson VUE.

License Information: One license provides access to each course for 12 months. Access keys must be redeemed within 12 months of purchase.

How to Access: Instructions for accessing the course will be emailed after purchase.

Original price was: $3,999.00. Current price is: $3,799.00.
  • Skill Intermediate
  • Last Update November 2, 2024