Incident response practice

About the course

This hands-on training course aims to deliver fundamental theoretical and practical skills to handle and respond to computer security incidents. The course addresses underlying principles and techniques for detecting and responding to current and emerging computer security threats. Several different incident handling cases are simulated to students with a focus on incident detection and description, information gathering, analysis tools and techniques, and incident handling phases by using RTIR (or related) tools. All teaching material is based on illustrative real-life cases and their analysis.


NRD Cyber Security as an ITU Centre of Excellence work programme developed this course and it has been designed for Computer Security Incident Response Teams (CSIRT), Security Operation Centre (SOC) members, all incident handlers, IT professionals, and anyone who is interested in incident handling and response

Po šių mokymų dalyviai gebės:


After the course, you will be able to

Apply incident response general workflow principles


Follow the incident response procedure by using the RTIR tool


Conduct basic analysis of email messages and retrieve actionable data from email headers


Investigate incidents by executing the system event log analysis


Carry out incident root cause analysis


Perform basic network forensics analysis

Paulius Daukšas
Cybersecurity consultant

For more information, please contact
Tel.: +370 680 18 058

Let's get in touch