Course Content

Introduction

08:41
Part 1 - An Overall View of the Course
10:16
Part 2 - The Humans Behind Cyber Security Incidents
08:35
Part 3 - The Sony Hack Case Study

Incident Response Policy

07:41
Part 1 - An Overview of Incident Response Policy
10:39
Part 2 - The Elements of an Incident Response Policy
07:21
Part 3 - The Role of Communication with Law Enforcement when it comes to security
09:41
Part 4 - The Different Types of Incident Response Teams
07:35
Part 5 - Outsourcing Considerations
09:11
Part 6 - The Role of the Incident Response Manager
04:49
Part 7 - What does an Incident Response team do?

Incident Handling

09:37
Part 1 - An Introduction to Incident Handling
09:02
Part 2 - CIRC Team Composition
05:53
Part 3 - Incident Response Policies
08:41
Part 4 - The REACT Principle
07:39
Part 5 - Maintaining the Integrity of the Scene following an incident
10:16
Part 6 - The Content of Notice
06:49
Part 7 - The Respond Part of Incident Response

Legal Aspects of Incident Handling

08:03
Part 1 - An Introduction to legal considerations of incident response
09:17
Part 2 - Expectation of Privacy
09:54
Part 3 - Personally Identifiable Information (PII)
10:16
Part 4 - Giving notice to individuals
06:07
Part 5 - Benefits of Information Sharing

Incident Forensics

07:59
Part 1 - Forensics in Support of an Incident Response
08:40
Part 2 - The Phases of Investigation
10:12
Part 3 - The Preservation Phase of Investigation
09:04
Part 4 - Keys of Preservation
08:13
Part 5 - Volatile Data Considerations
08:01
Part 6 - Capturing the data
10:36
Part 7 - Imaging concepts
12:37
Part 8 - Volatile Memory Capture
10:41
Part 9 - Forensics in Support of Incident Response
09:27
Part 10 - Formatting a disk for Incident Response
09:01
Part 11 - Using the FTK Imaging Software
08:24
Part 12 - The Forensic Acquisition of Data from a PC
10:41
Part 13 - Navigating the H Drive
05:57
Part 14 - Obtaining the Windows Bitlocker Encryption Keys
05:20
Part 15 - Obtaining the Windows Bitlocker Encryption Keys (continued)
13:13
Part 16 - The Autopsy Program

Insider Threat

10:55
Part 1 - What is Insider Threat?
04:24
Part 2 - American Superconductor Case Study
15:32
Part 3 - Indicators to identify an insider threat
08:15
Part 4 - Using Automated processes to look for indicators of insider threats
08:32
Part 5 - Policy Enforcement
08:52
Part 6 - Policies and procedures
09:29
Part 7 - Policies and procedures (continued)
08:24
Part 8 - Policies and procedures (continued)
09:28
Part 1 - Malware incidents
07:04
Part 2 - Setting up a Virtual Machine
09:42
Part 3 - Dynamic Analysis
14:10
Part 1 - Incident Recovery
07:35
Part 2 - Resiliency: The Answer to the Cyber Security Paradox

0P3N

10:00
Introduction to SIEM

CH4NN3LS

10:00
Responding to Cyber Security Incidents
10:00
Mastering Cyber Attribution
00:00
Incident Response & Advanced Forensics

Course Description

What is Incident Response? Incident response is an organized approach to addressing and managing the aftermath of a security breach or attack.

Why do I need this certification? As a part of the Incident Response process, professionals will need to establish a formal response process, along with how to capture, record and track incidents and understand what that data can reveal.

What will I learn? The primary goal of this course is to prepare professionals for common knowledge of CIRT practices.

Get your Incident Response and Advanced Forensics Certification Today: The Incident Response Micro Certification is developed to teach the best practices in identifying a security incident, as well as how to respond. Computer security incident activity can be defined as network or host activity that potentially threatens the security of computer systems. Generally speaking, most organizations have a Computer Incident Response Team (CIRT) in place to handle such incidents, but regardless of whether one exists in your organization, each company will need to define what a computer security incident is for its own site. As a part of the Incident Response process, professionals will need to establish a formal response process, along with how to capture, record and track incidents and understand what that data can reveal. Likewise, you'll learn how incident reporting contributes to improved training and improved security practices, and what types of adverse impacts not having a sound incident response and reporting system would produce. The primary goal of this course is to prepare professionals for common knowledge of CIRT practices.

Instructed By

Max Alexander
Instructor

Provided By

Cybrary

Course Components

On Demand Videos from industry leaders
Assessments to gauge understanding and comprehension

Certificate of Completion

Complete this entire course to earn an Incident Response & Advanced Forensics Certificate of Completion