Course Outline

Introduction to Incident Handling and Response

  • Overview of Information Security Concepts
  • Understanding Information Security Threats and Attack Vectors
  • Understanding Information Security Incident
  • Overview of Incident Management
  • Overview of Vulnerability Management
  • Overview of Threat Assessment
  • Understanding Risk Management
  • Understanding Incident Response Automation and Orchestration
  • Incident Handling and Response Best Practices
  • Overview of Standards
  • Overview of Cybersecurity Frameworks
  • Importance of Laws in Incident Handling
  • Incident Handling and Legal Compliance

Incident Handling and Response Process

  • Overview of Incident Handling and Response (IH&R) Process
  • Step 1: Preparation for Incident Handling and Response
  • Step 2: Incident Recording and Assignment
  • Step 3: Incident Triage
  • Step 4: Notification
  • Step 5: Containment
  • Step 6: Evidence Gathering and Forensics Analysis
  • Step 7: Eradication
  • Step 8: Recovery
  • Step 9: Post-Incident Activities

Forensic Readiness and First Response

  • Introduction to Computer Forensics
  • Overview of Forensic Readiness
  • Overview of First Response
  • Overview of Digital Evidence
  • Understanding the Principles of Digital Evidence Collection
  • Collecting the Evidence
  • Securing the Evidence
  • Overview of Data Acquisition
  • Understanding the Volatile Evidence Collection
  • Understanding the Static Evidence Collection
  • Performing Evidence Analysis
  • Overview of Anti-Forensics

Handling and Response to Malware Incidents

  • Overview of Malware Incident Response
  • Preparation for Handling Malware Incidents
  • Detecting Malware Incidents
  • Containment of Malware Incidents
  • Eradication of Malware Incidents
  • Recovery after Malware Incidents
  • Guidelines for Preventing Malware Incidents

Handling and Responding to Email Security Incidents

  • Overview of Email Security Incidents
  • Preparation for Handling Email Security Incidents
  • Detection and Containment of Email Security Incidents
  • Eradication of Email Security Incidents
  • Recovery after Email Security Incidents

Handling and Responding to Network Security Incidents

  • Overview of Network Security Incidents
  • Preparation for Handling Network Security Incidents
  • Detection and Validation of Network Security Incidents
  • Handling Unauthorized Access Incidents
  • Handling Inappropriate Usage Incidents
  • Handling Denial-of-Service Incidents
  • Handling Wireless Network Security Incidents

 

Handling and Responding to Web Application Security Incidents

  • Overview of Web Application Incident Handling
  • Web Application Security Threats and Attacks
  • Preparation to Handle Web Application Security Incidents
  • Detecting and Analyzing Web Application Security Incidents
  • Containment of Web Application Security Incidents
  • Eradication of Web Application Security Incidents
  • Recovery from Web Application Security Incidents
  • Best Practices for Securing Web Applications

Handling and Responding to Cloud Security Incidents

  • Cloud Computing Concepts
  • Overview of Handling Cloud Security Incidents
  • Cloud Security Threats and Attacks
  • Preparation for Handling Cloud Security Incidents
  • Detecting and Analyzing Cloud Security Incidents
  • Containment of Cloud Security Incidents
  • Eradication of Cloud Security Incidents
  • Recovering from Cloud Security Incidents
  • Best Practices Against Cloud-based Incidents

Handling and Responding to Insider Threats

  • Introduction to Insider Threats
  • Preparation for Handling Insider Threats
  • Detecting and Analyzing Insider Threats
  • Containment of Insider Threats
  • Eradication of Insider Threats
  • Recovery after Insider Attacks
  • Best Practices Against Insider Threats

Requirements

  • It is recommended that you have at least 1 year of experience in the cybersecurity domain in order to maximize course outcomes.
 21 Hours

Testimonials (1)

Related Categories