=============================================================================
====== Incident Handling & Response Professional (IHRP) Course Outlines =====
======= Provided By eLearnSecurity, Taught By: Ahmed Sultan =================
============================ @ahmedesultan ==================================
======== Visit "https://netriders.academy" for More Courses =================
=============================================================================

======= TOPICS =======

1- Incident Handling Overview
    1.1- Incident Handling Process (Lab1 and Lab2)

2- Network Traffic & Flow Analysis
    2.1- Intrusion Detection by Analyzing Traffic Part1 (No Labs)
    2.2- Intrusion Detection by Analyzing Traffic Part2 (Lab3, Lab4, Lab5 and Lab6)
    2.3- Intrusion Detection by Analyzing Flow (No Labs)

3- Practical Incident Handling
    3.1- Preparing and Defending Against Reconnaissance and Information Gathering (No Labs)
    3.2- Preparing and Defending Against Scanning (No Labs)
    3.3- Preparing and Defending Against Exploitation (No Labs)
    3.4- Preparing and Defending Against Post Exploitation (No Labs)

4- SOC 3.0 Operations & Analytics
    4.1- SIEM Fundamentals and Open Source Solutions (Lab7, Lab8 and Lab9)
    4.2- Logging (No Labs)
    4.3- SMTP, DNS and HTTPS Analytics (No Labs)
    4.4- Endpoint Analytics (No Labs)
    4.5- Creating a Baseline and Detecting Deviations (No Labs)

===== LABS =====

Lab1: Enterprise Wide Incident Response (GRR)
Lab2: Enterprise Wide Incident Response (Velociraptor)
Lab3: Suricata Fundamentals
Lab4: Effectively Using Suricata
Lab5: Effectively Using Bro
Lab6: Effectively Using Snort
Lab7: Effectively Using Splunk Scenario 1
Lab8: Effectively Using Splunk Scenario 2
Lab9: Effectively Using ELK