I had the chance to watch all the videos for Certified Incident Handling Engineer Mile2 through Career Academy.
These videos where straight to the point where you can get pretty good knowledge of the whole Incident Handling process.
This is the list of videos:
Course 01 - Course Introduction
Course 02 - Threats, Vulnerabilities and Exploits
Course 03 - IH Preparation
Course 04 - Request Tracker for Incident Handling
Course 05 - Preliminary Response
Course 06 - Identification and Initial Response
Course 07 - Sysinternals
Course 08 - Containment
Course 09 - Eradication
Course 10 - Follow-up
Course 11 - Recovery
Course 12 - Virtualization Security
Course 13 - Malware Incident Handling
In the first two chapters give you an introduction and a lot of information about the threats, vulnerabilities and incidents.
Then IH Preparation chapter talk about what kind of communication we have to have with Management in case something happen, notice this chapter is for preparation. Also mention what to do in some cases like Turn off the server or trying to obtain information of the incident with the server on.
Chapter 04 was new for me, Request Tracker for incidents and explained one software to track the incident
Chapter 06 Identification and Initial Response expressed what to see to identify the incident and some examples and report procedures.
Chapter 07 Sysinternals was very instructive, mention the different tools we can use for an incident.
Chapter 08 is very delighted, Containment. How to stop potential loss, further damage and also identify clearly what computers were engage with the incident. Also enphisy the criteria to determine the right stategy.
Chapter 11 Recovery list in details what to do to recovery a system and how to validate the system before put it in production.
During the training enphasice the lesson learn in the process.
These videos are good, I recommend to watch it, if I put my hands in the printer material I will do a review on it.
Mile2 contacted us and provided this discount code for 2016: BN16a
Please give us your feedback in http://www.learn-security.net/forum/