Loading...

Course Description

This course will focus on incident detection and response. Topics will include: defining a security incident and explaining the incident response lifecycle, including the roles and responsibilities of incident response teams, analyzing and interpreting network communications to detect security incidents using packet sniffing tools. It will also explore the incident investigation and response processes and procedures and the use of Intrusion Detection Systems (IDS) and Security Information Event Management (SIEM) tools.

Learner Outcomes

- Explain the lifecycle of an incident.

- Describe the tools used in documentation, detection, and management of incidents.

- Illustrate and explain fundamental architectures of networks and the Internet, as well as their underlying principles.

- Analyze packets to interpret network communications.

- Identify and critically assess issues and concepts related to the protection of information and information systems.

- Perform artifact investigations to analyze and verify security incidents.

- Use risk management principles to assess threats, vulnerabilities, countermeasures and impact contributions at risk in information systems.

- Identify the steps to contain, eradicate, and recover from an incident.

- Determine how to read and analyze logs during incident investigation.

- Interpret the basic syntax and components of signatures and logs in Intrusion Detection Systems (IDS) and Network Intrusion Detection Systems (NIDS) tools.

- Perform queries in Security Information and Event Management (SIEM) tools to investigate an event.

Prerequisites

Cybersecurity Fundamentals and Networking & Network Security
Loading...
Thank you for your interest in this course. Unfortunately, the course you have selected is currently not open for enrollment. Please complete a Course Inquiry so that we may promptly notify you when enrollment opens.
Required fields are indicated by .