Incident Management & Response

  • Duration: 3 days
  • Course delivery: Online/Face-to-Face
  • Course code: CQIMR
  • Cost: £1,890 + VAT

Register Your Interest

Course Registration Form

Training course outline

Incident management describes methods to identify, analyse, and correct hazards to prevent a future re-occurrence. The purpose of this course is to provide specialised and research-informed knowledge with a hands-on explication of cutting-edge incident response and digital forensics methods. The full life cycle of an incident responder is covered from building a CERT team to utilising ‘sound’ forensics tools to collect, safeguard, transport and analyse digital evidence. This includes secure stakeholder management within an organisational context fully considering ethical and professional responsibilities, but also a practical exhibition of the digital investigation process with the application of modern commercial and open-source tools.

What will I learn?

  • Demonstrate in-depth working knowledge and understanding of the principles, techniques and tools for incident response and digital investigations
  • How to autonomously implement a solid incident response plan and demonstrate strong technical proficiency in applying data collection, preservation and forensic analysis methods to specific scenarios focusing on their effectiveness, strength and weaknesses


Who should attend this training course?

The Incident Management and Response training course is designed for anyone who seeks to benefit from incident handling, digital forensics and system engineering. Delegates are expected to be familiar with Operating systems and Linux command line.

What does this training course cover?

  • The principles and elements of Incident Management
  • Guidelines for incident responders and computer forensic investigations 
  • Intrusion detection and response methods
  • Incident handling capabilities and management 
  • Intrusion monitoring and Logging, and Incident response lifecycle
  • Data acquisition and strategies for storing, preserving and analysing digital evidence 
  • Legal constraints 
  • Ethical and Professional aspects related to digital investigations
  • Principles of Digital Forensics
  • Expert testimony
  • Data acquisition and analysis
  • File systems structure and analysis including Windows/Linux OS analysis
  • Memory analysis 
  • Intrusion analysis 
  • Malware analysis 
  • Data recovery and file carving techniques 
  • Network Forensics, Internet Forensics, Traffic analysis
  • Anti-forensics techniques
  • Data hiding, Artefact wiping and trail obfuscation, Image Steganography, TCP/IP
  • Steganography

What’s included in this course?

  • Lunch and refreshments
  • Free onsite parking
  • Access to full course materials (digital copy PDF)
  • A certificate of course completion


How can I further my knowledge?

For additional training modules and more details please contact