Graduate Certificate Programs: Incident Response - SANS ...

Designed for working information security and IT professionals, the graduate certificate in Incident Response is a highly technical program focused on ... Home > GraduateCertificates > GraduateCertificatePrograms:IncidentResponse ApplyNow RequestInfo DesignedforworkingInfoSecandITprofessionals,thegraduatecertificateinIncidentResponseisahighlytechnicalprogramfocusedondevelopingyourabilitytomanagebothacomputerandnetwork-basedforensicsinvestigationaswellastheappropriateincidentresponses.FormatOption:A100%onlineoptionisavailableCourses:4Capstone:1GIACCertifications:4Credits:13Duration:18-24monthsTotalProgramCost:$23,375 TheSANS.eduAdvantageGIACCertifications Earn4industry-recognizedGIACcybersecuritycertifications. 100%OnlineOptionAvailable Youhavetheoptionofcompletingtheprogramthroughliveorrewindableonlinecourses. World-classFaculty Learnthelatestskillsandtechniquesfromtheworld'stopcybersecuritypractitioners. PathwaytoaMaster’sDegree Allcreditsearnedinthisprogramcantransferintoourmaster’sdegreeprogram. SANS.eduAcademicPricing GetSANS.eduacademicpricingonSANScoursesandGIACcertifications. PowerfulNetwork Makeconnectionswithsomeofthemosttalentedstudentsandteachersintheindustry. JoinUsforanOnlineInfoSessionLearnmoreabouttheSANS.edugraduateprogramsatafreeonlineinfosession.Havequestions?We’llanswerthem.Tue,June28at11am(ET).Registerhere. SeeAllInfoSessions “Ihavemymaster'sincomputerscience,butIcompletedthreegraduatecertificateprogramswithSANSsoIcouldtrulydivedeepintotechnicalareasofcybersecurityandlearnfrominstructorswhoareleadingtheindustry.”-JeffSass,SeniorEngineeringManager,Adobe LearnHowTo: Explaintheroleofdigitalforensicsandincidentresponseinthefieldofinformationsecurityandrecognizethebenefitsofapplyingthesepracticestobothhostsandnetworkswheninvestigatingacyberincident.Analyzethestructureofcommonattacktechniques toevaluateanattacker’sfootprint,targettheensuinginvestigationandincidentresponse,andanticipateandmitigatefutureactivity.Evaluatetheeffectivenessofavailabledigitalforensictoolsandusetheminawaythatoptimizestheefficiencyandqualityofdigitalforensicinvestigations.Utilizemultiplemalwareanalysisapproachesandtoolstounderstandhowmalwareprogramsinteractwithdigitalenvironmentsandhowtheywerecoded,inordertoreversetheeffectsoftheprogramonnetworksandsystems. Curriculum|13credithours Inthishands-onprogram,you’llbeginwithafoundationalcourse,progressthrough3advancedgraduatecourses—includingaspecializedelectiveofyourchoice—andtestyourtechnicalskillsinDFIRNetWarsContinuous,agraded,onlinerangeexercise. RequiredCoreCourses|10credithours ISE6420:ComputerForensicInvestigations-Windows|FOR500+GCFE SANSCourse:FOR500:WindowsForensicAnalysisCertification:GIACCertifiedForensicExaminer(GCFE) 3CreditHours ISE6420ComputerForensicInvestigations-Windows focusesonthecriticalknowledgeoftheWindowsOperatingSystemthat everydigitalforensicanalystneedstoinvestigatecomputerincidents successfully.Studentslearnhowcomputerforensicanalystsfocuson collectingandanalyzingdatafromcomputersystemstotrackuser-based activitythatcanbeusedininternalinvestigationsorcivil/criminal litigation.Thecoursecoversthemethodologyofin-depthcomputer forensicexaminations,digitalinvestigativeanalysis,andmedia exploitationsoeachstudentwillhavecompletequalificationstowork asacomputerforensicinvestigatorhelpingtosolveandfightcrime. ISE6425:AdvancedDigitalForensics,IncidentResponse,&ThreatHunting|FOR508+GCFA SANSCourse:FOR508:AdvancedIncidentResponse,ThreatHunting,andDigitalForensicsCertification:GIACCertifiedForensicAnalyst(GCFA) 3CreditHours ISE6425teachesthenecessarycapabilitiesforforensic analystsandincidentresponderstoidentifyandcounterawiderangeof threatswithinenterprisenetworks,includingeconomicespionage, hacktivism,andfinancialcrimesyndicates.Thecourseshowsstudents howtoworkasdigitalforensicanalystsandincidentresponseteam memberstoidentify,contain,andremediatesophisticated threats-includingnation-statesponsoredAdvancedPersistentThreatsand financialcrimesyndicates.Studentsworkinahands-onlabdeveloped fromareal-worldtargetedattackonanenterprisenetworkinorderto learnhowtoidentifywhatdatamightbestolenandbywhom,howto containathreat,andhowtomanageandcounteranattack. ISE6440:AdvancedNetworkForensicsandAnalysis|FOR572+GNFA SANSCourse:FOR572:AdvancedNetworkForensics:ThreatHunting,Analysis,andIncidentResponseCertification:GIACNetworkForensicAnalyst(GNFA) 3CreditHours ISE6440:AdvancedNetworkForensicsandAnalysisfocuses onthemostcriticalskillsneededtomountefficientandeffective post-incidentresponseinvestigations.Movingbeyondthehost-focused experiencesinISE6420andISE6425,ISE6440coversthetools, technology,andprocessesrequiredtointegratenetworkevidencesources intoinvestigations,coveringhigh-levelNetFlowanalysis,low-level pcapexploration,andancillarynetworklogexamination.Hands-on exercisesinFOR572coverawiderangeofopensourceandcommercial tools,andreal-worldscenarioshelpthestudentlearntheunderlying techniquesandpracticestobestevaluatethemostcommontypesof network-basedattacks. ISE6400:CertificateProgramCapstone|DFIRNetWarsContinuous Content:DFIRNetWarsContinuous 1CreditHour DFIRNetWarsContinuousisanincidentsimulatorpacked withavastamountofforensic,malwareanalysis,threathunting,and incidentresponsechallengesdesignedtohelpyougainproficiency withouttheriskassociatedwhenworkingreal-lifeincidents. ElectiveCourses|3credithoursStudentsselectoneofthefollowing. ISE5201:HackerTechniques&IncidentResponse|SEC504+GCIH SANSCourse:SEC504:HackerTools,Techniques,andIncidentHandlingCertification:GIACCertifiedIncidentHandler(GCIH) 3CreditHours Byadoptingtheviewpointofahacker,ISE5201providesan in-depthfocusintothecriticalactivityofincidenthandling.Students aretaughthowtomanageintrusionsbyfirstlookingatthetechniques usedbyattackerstoexploitasystem.Studentslearnresponsestothose techniques,whichcanbeadoptedwithintheframeworkoftheincident handlingprocesstohandleattacksinanorganizedway.Thefaculty instruction,labexercises,andexamarecoordinatedtodevelopandtest astudent'sabilitytoutilizethecorecapabilitiesrequiredfor incidenthandling. ISE6445:CyberThreatIntelligence|FOR578+GCTI SANSCourse:FOR578:CyberThreatIntelligenceCertification:GIACCyberThreatIntelligence(GCTI) 3CreditHours ISE6445willequipyou,yoursecurityteam,andyour organizationinthetactical,operational,andstrategiclevelcyber threatintelligenceskillsandtradecraftrequiredtobetterunderstand theevolvingthreatlandscapeandtoaccuratelyandeffectivelycounter thosethreats.Thiscoursefocusesonstructuredanalysisinorderto establishasolidfoundationforanysecurityskillsetandtoamplify existingskills. ISE6450:AdvancedSmartphoneForensics|FOR585+GASF SANSCourse:FOR585:SmartphoneForensicAnalysisIn-DepthCertification:GIACAdvancedSmartphoneForensics(GASF) 3CreditHours ThefocusofISE6450isonteachingstudentshowto performforensicexaminationsondevicessuchasmobilephonesand tablets.Studentswilladdtotheirforensicsskillswiththiscourse's focusontheadvancedskillsofmobileforensics,devicefilesystem analysis,mobileapplicationbehavior,eventartifactanalysisandthe identificationandanalysisofmobiledevicemalware.Studentswill learnhowtodetect,decode,decrypt,andcorrectlyinterpretevidence recoveredfrommobiledevices.Thecoursefeaturesanumberofhands-on labsthatallowstudentstoanalyzedifferentdatasetsfromsmart devicesandleveragethebestforensictoolsandcustomscriptstolearn howsmartphonedatahideandcanbeeasilymisinterpretedbyforensic tools. ISE6455:MacandiOSForensicAnalysisandIncidentResponse|FOR518+GIME SANSCourse:FOR518:MacandiOSForensicAnalysisandIncidentResponseCertification:GIACiOSandMacOSExaminer(GIME) 3CreditHours ISE6455providesthetechniquesandskillsnecessarytotakeonanyMacoriOScasewithouthesitation.Theintensehands-onforensicanalysisandincidentresponseskillstaughtinthecoursewillenablestudentstobroadentheircapabilitiesandgaintheconfidenceandknowledgetocomfortablyanalyzeanyMacoriOSdevice.Inadditiontotraditionalinvestigations,thecoursepresentsintrusionandincidentresponsescenariostohelpanalystslearnwaystoidentifyandhuntdownattackersthathavecompromisedAppledevices. ISE6460:Reverse-EngineeringMalware|FOR610+GREM SANSCourse:FOR610:Reverse-EngineeringMalware:MalwareAnalysisToolsandTechniquesCertification:GIACReverseEngineeringMalware(GREM) 3CreditHours ISE6460teachesstudentshowtoexamineandreverse engineermaliciousprograms-spyware,bots,Trojans,etc.-thattarget orrunonMicrosoftWindows,withinbrowserenvironmentssuchas JavaScriptorFlashfiles,orwithinmaliciousdocumentfiles(including WordandPDF).Thecoursebuildsastrongfoundationfor reverse-engineeringmalicioussoftwareusingavarietyofsystemand networkmonitoringutilities,adisassembler,adebuggerandother tools.Themalwareanalysisprocesstaughtinthisclasshelpsstudents understandhowincidentrespondersassesstheseverityandrepercussions ofasituationthatinvolvesmalicioussoftwareandplanrecovery steps.Studentsalsoexperiencehowforensicsinvestigatorslearnto understandkeycharacteristicsofmalwarediscoveredduringthe examination,includinghowtoestablishindicatorsofcompromise(IOCs) forscopingandcontainingtheincident. GIACCertificationsRanked#1 CybersecurityprofessionalsrankedGIACcertificationsasthemostvaluedcertificationswhenselectingjobcandidatesforinterviews.(Source:cio.org) OurstudentsearnmultipleGIACcertifications,alongwiththeirdegreeorcertificate,aspartofeverySANS.eduprogram. LearnMore JoinUsforanInfoSession Master’sDegreeandGraduateCertificatePrograms Tue,June28,11:00am(ET) LearnMore Studywiththebestfacultyincybersecurity ViewAllFaculty TakeYourNextStepNeedmoreinformation?We’rehappytoansweryourquestions.Joinusforaninfosession,[email protected]. Readytoapply?Welookforwardtolearningaboutyouandyourcareergoals. RequestInfo ApplyNow “IchosetheSANSgraduateprogrambecausethetechnicalcontentandfacultyareunparalleled,andthemixofliveandonlineinstructionfitintomyworklife.”-JoshuaLewis,VP,ThreatIntelligence&IncidentResponse,UmpquaBank SuccessStories JeffSass VideogamingwasthestartofwhatwouldleadtoJeffSass’sdecades-longcareeratAdobe.Discoverwhyhechosetopursue3graduatecertificatesatSANS.edu—andhowtheexperiencehelpedhimwinapromotiontomanager. ReadMore ShawnaTurner ShawnaTurnerearnedamaster'sfromSANS.eduwhileworkingfulltimeatNike,soonlinecourseoptionsandtheabilitytoadjustherscheduletoherlifeneedswerecriticaltohersuccess.Discoverhowthisformertheatertechtransformedherselfintoacybersecuritysubjectmatterexpert. ReadMore Richard“Rick”HalsellJr. Richard“Rick”HalsellJr.defendedtheArmyagainstnetworkbreachesandtodayisseniorsecurityengineerforLululemonAthletica.Learnabouthiscareerjourneyandseewhythismaster'sdegreeholderchosetopursue2graduatecertificatesatSANS.edu. ReadMore CourseDeliveryOptionsCompleteanyofourcybersecuritydegreeorcertificateprogramsbytakingcoursesthatare100%onlineorthatstartwithweeklongin-personeventsheldacrossthecountryandaroundtheworld.Oryoucandoamixofboth. OnDemand Ourmostflexibleoptiongivesyou24/7accesstoonlinecoursesrecordedbytopcybersecuritypractitioners.Youcanrewindandrepeatcontent,includinghands-onlabs,quizzes,andexercises. LiveOnline Studyfromhome—andsaveontravelandlodgingexpenses—throughlive,interactivescheduledonlinecourseswithSANSinstructorsandhands-onlabsinavirtualenvironment. In-Person Immersiveweeklongcourseswithhands-onlabsareheldacrossthecountryandaroundtheworldthroughouttheyear.Meetfellowstudentsandinstructorsandhavethechancetoattendspecialevents,NetWars,vendorpresentations,andmore. Joinusforafreeonlineinfosessiontolearnmore. SeeAllInfoSessions TuitionTotalprogramcost:$23,375 Tuitionincludesthecostofthecourse,textbooks,andcertificationteststhatserveasmid-termorfinalexamsforcourses. GettheCreditYouDeserveStudentswhohavetakenSANStrainingclassesandhaveactiveGIACcertificationsmaybeabletowaiveonecourseandGIACcertificationintotheprogram.Seeourwaiverpolicy. RequestInfo ApplyNow FundingOptions PayPerCourse Studentspaytuitionpercoursewhichallowsyouthefinancialflexibilitytopaysmalleramountsasyougo. EmployerAssistance Becauseweareregionallyaccredited,ourtuitioniseligibleformostcorporateoremployertuitionassistanceprograms. VAEducationBenefits AllSANS.eduprogramsareeligibleforUSandCanadianVeteransEducationBenefits. LearnMore TuitionPaymentProgram(TPP) Eligiblegraduatestudentscanspreadoutthecostoftheprograminmonthlyinstallmentsof$850over3years,withnointerestorfees. SANSVoucher Ifyou’dliketouseaSANSUniversalVoucherAccount,confirmwithyourvoucheradministratorthatcoursetuitionisaneligibleexpense. OntarioStudentAssistanceProgram SANS.eduprogramsareeligiblefortheOntarioStudentAssistanceProgram(OSAP)afinancialaidprogramforresidentsofOntario,Canada. VisittheOSAPWebsite Questions? We'rehappytohelp. [email protected]. RequestInfo ApplyNow AbouttheSANSTechnologyInstitute Foundedin2005,theSANSTechnologyInstitute(SANS.edu)isthe independent,regionally-accredited,VA-approvedsubsidiaryofSANS,the world'slargestandmosttrustedproviderofcybersecuritytraining, certification,andresearch.Offeringundergraduateandgraduate programsatthecuttingedgeofcybersecurity,SANS.eduisstrengthening thecyberworkforcethroughacareer-focusedcurriculumbuiltonproven SANScoursesandindustry-recognizedGIACcertifications. TheSANSTechnologyInstituteisaccreditedbyTheMiddleStates CommissiononHigherEducation(1007NorthOrangeStreet,4thFloor,MB#166,Wilmington,DE19801-267.284.5000),aninstitutionalaccreditingagencyrecognizedby theU.S.SecretaryofEducationandtheCouncilforHigherEducation Accreditation.