Certified Cyber Incident Response Manager (C-CIRM)


Request a call


As organizations continue to rely on expanding infrastructure in an increasingly hostile threat landscape, the escalation of incidents involving malicious actors poses critical risks to information systems and networks. The ability to identify threats, respond to incidents, restore systems, and enhance security postures is vital to the survival of the operation.


This training course brings Incident Response core competencies to advanced levels by presenting students with 16 detailed learning objectives. Students will be provided with the knowledge and the practical skills needed to investigate and respond to network and system incidents. With a specific focus on the identification and remediation of incidents involving host and network devices, students will cover topics such as Threat Intelligence Collection, Investigative Techniques, Creating Playbooks, and Malware Triage. Lab exercises utilize the Project Ares Cyber Range and Wireshark network protocol analyzer software.


The Certified Cyber Incident Response Manager course is a component of the career progression track that supports the required Categories, Specialty Areas and Work Roles as defined by the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework.  It provides a common language to speak about cyber roles and jobs and can be referenced to define professional requirements in cybersecurity.


Course Outline and Learning Objectives

  1. Overview of The Incident Response Life Cycle
  2. Understanding the Threat Landscape
  3. Building an Effective Incident Response Capability
  4. Preparing for Incident Response Investigations
  5. Vulnerability Assessment and Management
  6. Identifying Network and System Baselines
  7. Indicators of Compromise and Threat Identification
  8. Investigative Principles and Lead Development
  9. Threat Intelligence Collection and Analysis
  10. Overview of Data Forensics and Analysis
  11. Host-Based Data Collection Practices
  12. Network-Based Data Collection Practices
  13. Static and Dynamic Malware Triage
  14. Incident Reporting and Lessons Learned
  15. Creating Playbooks and Response Scenarios

Course Training Materials

  1. Exam Prep Guide
  2. Course Workbook & Labs
  3. Lab Images (if Applicable)
  4. Practice Assessment Quizzes
  5. 40-Hour CPE Credit Certificate
  6. Knowledge Assessment Examination

Knowledge Assessment Exam

Upon completion of online courses, students will be prepared to sit for the knowledge assessment exam. The online examination will consist of True/False, Multiple Choice, and Fill in the Blank questions. The exam may be taken at any time within 6 months of completing the certification course.


Students will have two hours to complete a computer-based examination consisting of 100 questions. A score of 70% or higher is required to earn the certification. Upon successful completion of the exam, students will be sent a hardcopy of their certification and their CPE credit documentation via email (PDF format) within 72-hours of the exam date.


The examination is “closed book.” However, students will be allowed to use their notes on material presented during the course as well as their Course Workbooks.


For registration information, please call us at +971 4 279 1474, WhatsApp 050 4795503 or email: [email protected]

For information about the course content or Cyber Security @BUID, please contact:

Dr Cornelius Ncube, email: [email protected]  or +971 56 8346725

The British University in Dubai

Block 11, 1st and 2nd floor, Dubai International Academic City PO Box 345015, Dubai, UAE

Tel: +971 4 279 1400

Whatsapp: +971 50 701 2843

Email: [email protected]