Certified Cyber Incident Response Manager
As organizations continue to rely on expanding infrastructure in an increasingly hostile threat landscape, the escalation of incidents involving malicious actors poses critical risks to information systems and networks. The ability to identify threats, respond to incidents, restore systems, and enhance security postures is vital to the survival of the operation.
The Certified Cyber Incident Response Manager certification course brings Incident Response core competencies to advanced levels by presenting students with 16 detailed learning objectives. Students will be provided with the knowledge and the practical skills needed to investigate and respond to network and system incidents. With a specific focus on the identification and remediation of incidents involving host and network devices, students will cover topics such as Threat Intelligence Collection, Investigative Techniques, Creating Playbooks, and Malware Triage. Practical lab exercises utilize Wireshark, a packet capturing tool used in real-world investigations.
Certified Cyber Security Operations Manager
Organizations face ongoing threats to their information technology infrastructure on a daily basis. These security struggles need to be approached with modern techniques, a holistic view of security, and a diverse body of knowledge. With the proper tools and training, managers in the Information Security and Cyber Security fields will be much more capable of finding success within their roles.
The Certified Cyber Security Operations Manager certification course brings Cyber Security core competencies to advanced levels with new concepts and traditional best practices. Using 16 detailed learning objects, students will be provided with the knowledge and context needed to successfully manage the security of their technical environments. Focusing on the Information Security concerns of today, students will cover topics such as Cloud Security, Threat Intelligence Collection and Analysis, Vulnerability Management, Biometric Security Systems, Incident Response, Asset Management, and the NICE Cybersecurity Workforce Framework.
Certified Disaster Response & Recovery Manager
Business Continuity and Disaster Response and Recovery is the process of preparing processes, policies, and procedures that follow in the event of a significant and unplanned operational disruption. The Certified Disaster Response and Recovery Manager training course prepares students for industry certification in Business Continuity planning and Disaster Recovery missions.
As businesses face a wide range of daily risks – including cyber-attacks, human error, technical failures, and natural disasters – it is vital they create practical plans to sustain their security posture, financial health, and industry and brand reputation to maintain long-term success. Students will cover topics such as: BCP Design and Development Strategies, Selection of Risk Management Frameworks, Qualitative and Quantitative Analysis Strategies, Creating Asset Inventories and Resource Profiles, Recovery Site Management and Workflows, Reviewing Cloud Computing Service Agreements, Cloud Data Security Strategies, and the Impact of Legal Requirements on Cloud Storage Solutions.
Certified Darknet Intelligence Collection Manager
As sensitive personal and financial data continue to be targeted in sophisticated compromises, the emergence of Darknet markets has provided malicious actors with a safe haven for conducting illegal transactions. The ability to locate stolen data, maintain anonymity, collect evidence, and identify malicious actors is crucial to Threat Intelligence programs.
The Certified Darknet Intelligence Collection Manager certification course brings Intelligence Collection core competencies to advanced levels by presenting students with 16 detailed learning objectives. Students will be provided with the knowledge and the practical skills needed to navigate and investigate the Darknet’s markets, communities, and forums. With a specific focus on intelligence collection and the use of crypto-currencies, students will cover topics such as Tor Websites and Hidden Services, Darknet Markets and Services, Digital Money and E-Wallets, and Fundamentals of Blockchain Technology. Practical lab exercises cover a variety of topics relevant to Darknet investigations.
Certified Network Forensic Analysis Manager
The Certified Network Forensic Analysis Manager certification course was originally developed for the U.S. government, and has now been made available to city, county, and state law enforcement agencies. Civilian personnel outside the law enforcement community are also authorized to attend on a case-by-case basis.
This comprehensive course brings incident response and network forensic core competencies to advanced levels by presenting students with 12 detailed learning objectives. Students will be provided with both experiential knowledge and practical skills that simulate real-world scenarios, investigations, and recovery of evidentiary data in systems and networks. With a specific focus on the centralizing and investigating of logging systems and network devices, students will cover topics such as: Incident Response Management; Live Data Collection; Analysis Methodology; Malware Triage; and, practical lab exercises utilizing the Wireshark packet capturing tool for network investigations.
Certification Renewal and Expiration
All Phase2 Advantage certifications are valid for three years from the date of issuance. Individuals may renew their certification by attending any course(s) listed on the NICCS website providing 40 CPE credits and submitting documentation confirming their attendance. For additional information, please visit the Phase2 Advantage CPE Requirements page.