Hello crossover,
I really like the SANS IH course as it’s a great introduction to the incident handler process and from what you’re saying, I’d think this is a good starting point.
More advanced or very focus IH courses are from US CERT
http://www.cert.org/ or one I’d love to take is Richard Bejtlich's course
http://www.blackhat.com/html/bh-ad-10/training/bh-ad-10-training_ts.htmlCOm_BOY –
If you have the time, energy, resources and luck to find everything you need and then can make sense of it online, then go for it. There’s a lot of very poor information out there on the web, so paying for training that has been peer reviewed and raved about mean you get an excellent education in a very short time space. Money outlays from courses can be a problem, but as long as it’s invested wisely, it pays for itself in the long run and over the course of your career.
I really enjoyed the back track course, but even with the 60 day labs, I was under a lot of time pressure. Given the option of having six days in a class room with like-minded people over sitting at home for a month with a million real world distractions, I’d opted for the classroom. :-)
General Certification : CPT Practical Submission
