This lesson offers an introduction to incident handling. The first step in this process is understanding the incident response life cycle, which has, on average, 5-7 stages. Ideally, incident response needs to begin before the compromise even happens and continue after it is mitigated. When incidents occur, prioritizing them is key, as not all incidents require the same response. For instance, spam emails do not require the same attention as a DDoS attack, nor do they require a forensic investigation. Having a good cyber incident response team in place is crucial in the event of a compromise. This team consists of the:
· Director
· Lead investigator
· Forensic technicians
· Response handler
· Evidence handler
· Legal advisor
Incident Response and Advanced Forensics
In this course, you will gain an introduction to Incident Response, learn how to develop three important protection plans, perform advanced forensics on the incident, deep dive into insider and malware threats, and commence incident recovery.