Enterprise Security Case Management

Cybrary
Course

In this online course about Enterprise Security Case Management, you will learn about tools and techniques which help cybersecurity practitioners manage evidence and related case data to preserve their integrity.

Time: 1 hour 4 minutes
Difficulty: Advanced
CEU/CPE: 1

This Course is part of a Career Path: Become a CISO

Course Description

Improper case management can lead to adverse outcomes and significantly increase the time it takes a security team to detect or respond to active threats in an enterprise environment. If and when security cases result in litigation, it is vital that the case management processes and workflows followed be unimpeachable, and that as much relevant, reliable information as possible be captured before, during, and after executing a case.

The security of the evidence and related data is equally important. Leaving these vulnerable negatively impacts their integrity. This course will teach you concepts such as chain of custody, secure evidence and data storage, why data retention, destruction, and backup are necessary considerations, as well as the best methods for capturing contemporaneous notes.

Prerequisites

  • Knowledge of incident response and handling methodologies (i.e. NIST)
  • Knowledge of the CIA triad
  • Knowledge of security principles such as least privilege and ‘need to know’
  • Experience identifying and remediating security events and incidents
  • Knowledge of SIEM and SOAR tools is also beneficial

Course Goals

By the end of this course, students should be able to:

  • Create and complete chain of custody and examination forms
  • Determine how and where to securely store case evidence and related data
  • Determine the best data retention, destruction, and backup procedures for their organization
  • Write comprehensive contemporaneous notes and capture information relevant to security cases

Instructed By

Seth Enoka, Consultant (Instructor)

Provider: Cybrary

Certificate of Completion

Complete this entire course to earn an Enterprise Security Case Management Certificate of Completion.
