Free

Enterprise Security Case Management

In this online course about Enterprise Security Case Management, you will learn about tools and techniques which help cybersecurity practitioners manage evidence and related case data to preserve their integrity.
4
Share
Start CourseSubscribe for UpdatesNeed to train your team? Learn more
Start Course for FreeNeed to train your team? Learn more
1
4
M
Time
advanced
difficulty
1
ceu/cpe

Course Content

Introduction
Core Concepts
Evidence and Case Data Storage
Workflow and Managing Cases
Assigning Access
Conclusion
Course Assessment
Course Summary

4m

Conclusion
Case Management CIA Triad

2m

Assigning Access
Priority and Severity

4m

Workflow and Managing Cases
Case/Evidence Naming Conventions

7m

Core Concepts
Logical Storage

5m

Evidence and Case Data Storage
Introduction

3m

Introduction
Deadlines and Service Level Agreements

2m

Workflow and Managing Cases
Chain of Custody

4m

Core Concepts
Physical Storage

4m

Evidence and Case Data Storage
Escalation

2m

Workflow and Managing Cases
Capturing Evidence Metadata

8m

Core Concepts
Data Retention

3m

Evidence and Case Data Storage
Contemporaneous Notes

8m

Core Concepts
Data Destruction

2m

Evidence and Case Data Storage
Data Backup

5m

Evidence and Case Data Storage
Course Description

Improper case management can lead to adverse outcomes and significantly increase the time it takes a security team to detect or respond to active threats in an enterprise environment. If and when security cases result in litigation, it is vital that the case management processes and workflows followed be unimpeachable, and that as much relevant, reliable information is captured before, during, and after executing a case.

Security of the evidence and related data are equally important. Leaving these vulnerable negatively impacts their integrity. This course will teach you concepts such as chain of custody, secure evidence and data storage, why data retention, destruction, and backup are necessary considerations, as well the best methods for capturing contemporaneous notes.

Prerequisites

  • Knowledge of incident response and handling methodologies (i.e. NIST)
  • Knowledge of the CIA triad
  • Knowledge of security principles such as least privilege and ‘need to know’
  • Experience identifying and remediating security events and incidents
  • Knowledge of SIEM and SOAR tools also beneficial

    • Course Goals

    By the end of this course, students should be able to:

  • Create and complete chain of custody and examination forms
  • Determine how and where to securely store case evidence and related data
  • Determine the best data retention, destruction, and backup procedures for their organization
    • Write comprehensive contemporaneous notes and capture information relevant to security cases

    This course is part of a Career Path:
    No items found.

    Instructed by

    Instructor
    Seth Enoka

    I am a client-focussed cybersecurity strategist and trusted adviser with proven success in improving technical security postures by delivering customised compromise assessment, threat hunting, incident response, and digital forensic services. I am an expert in end-to-end incident management, from initial scoping, planning, and team task delegation to evidence gathering, data analysis, and detailed reporting.

    I consistently assess, translate, and communicate technical data for diverse technical and non-technical audiences. I continually identify opportunities for expanding the portfolio of services and optimising service delivery. I leverage an IT background whilst overseeing network, web-based application, systems, and database assessments, ensuring well-documented, unambiguous client recommendations for handling and preventing future security incidents.

    I am proud of building, training, and mentoring agile incident response and digital forensic teams well versed in industry best practices including NIST and ISO. My specialties include Digital Forensics, Incident Response Management, Crisis Management, Cybersecurity Audits, Business Development, Intrusion Detection, and Threat Modeling.

    I believe I have reached a point in my security career where I have acquired enough knowledge to be able to give back to the security community by sharing my knowledge and experience with others in the field. I have a desire to train and mentor others interested in cybersecurity, the same way that others helped me with training and mentorship.

    Provider
    Cybrary Logo
    Certification Body
    Certificate of Completion

    Complete this entire course to earn a Enterprise Security Case Management Certificate of Completion

    Coming mid-July
    Cybrary Reimagined.
    Level up with structured, role-aligned career paths.
    ALL NEW!
    Cybrary Reimagined.
    Celebrate Cybersecurity Awareness Month with our buy 2, get 1 offer!
    Level up with structured, role-aligned career paths.
    Valid until October 31. Elevate your skills today!
    Start Now
    This is the default text value
    career-paths
    career-path

    Heading

    Heading 1

    Heading 2

    Heading 3

    Heading 4

    Heading 5
    Heading 6

    Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.

    Block quote

    Ordered list

    1. Item 1
    2. Item 2
    3. Item 3

    Unordered list

    • Item A
    • Item B
    • Item C

    Text link

    Bold text

    Emphasis

    Superscript

    Subscript

    Start CourseNeed to train your team? Learn More
    Start Path for FreeNeed to train your team? Learn More
    This is some text inside of a div block.
    Share

    Purpose Statement

    Cybrary Career Paths are comprehensive training programs designed to prepare you for the most in-demand roles in the cybersecurity workforce. Each path follows a Learn, Practice, Prove model and includes different activity types aligned to key topics within the path’s security domain. As you progress through the path, your progress will be measured in real time using Experience Points (XP) that serve as a comprehensive capability score for each topic. Upon completing all of the requirements for a path, you will be rewarded with a shareable digital badge via Credly.
    This is some text inside of a div block.
    This is some text inside of a div block.
    M
    Time
    This is some text inside of a div block.
    difficulty
    This is some text inside of a div block.
    ceu/cpe

    Overview

    Heading 1

    Heading 2

    Heading 3

    Heading 4

    Heading 5
    Heading 6

    Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.

    Block quote

    Ordered list

    1. Item 1
    2. Item 2
    3. Item 3

    Unordered list

    • Item A
    • Item B
    • Item C

    Text link

    Bold text

    Emphasis

    Superscript

    Subscript

    Frequently Asked Questions
    No items found.
    What Will I Learn?
    Foundations
    Focused on the core IT competencies that cybersecurity professionals need to succeed in any career path.
    Defensive Security
    Focused on trying to find the bad guys. Topics such as threat intelligence, threat hunting, network monitoring, incident response. Defensive security is a reactive measure taken once a vulnerability is found through prevention, detection, and response.
    Engineering and Operations
    Focused on building and operating information systems.
    Governance, Risk, and Compliance
    Focused on the core IT competencies that cybersecurity professionals need to succeed in any career path.
    Leadership and Management
    Focused on program design and oversight. Covers project and program management.
    Offensive Security
    Focused on validating security controls by trying to break them (i.e. penetration testing or ethical hacking). Topics such as Kali Linux, metasploit, scanning, and privilege escalation. Offensive security seeks out the problem or vulnerability through ethical hacking and finds a solution to disable the operation.
    Offensive Security
    Focused on the core IT competencies that cybersecurity professionals need to succeed in any career path.
    Path Outline

    Heading 1

    Heading 2

    Heading 3

    Heading 4

    Heading 5
    Heading 6

    Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.

    Block quote

    Ordered list

    1. Item 1
    2. Item 2
    3. Item 3

    Unordered list

    • Item A
    • Item B
    • Item C

    Text link

    Bold text

    Emphasis

    Superscript

    Subscript

    Course Outline

    No items found.
    No items found.
    No items found.

    What Our Learners Are Saying

    Join 3 million+ users, including 96% of Fortune 1000 companies who use our platform to upskill their teams. See what the buzz is about - start learning for free!

    No items found.
    This is some text inside of a div block.
    threat-actor-campaigns
    threat-actor-campaigns