Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
Video Description
This lesson covers incident response policies which include: · Who does what · Prioritization · "Do the thinking for you' · Have both broad and fine details When drafting a security policy, it is important to consider what is permitted and not permitted on your network. Remember, it is not an incident if nothing is violated. The policy needs to address the following: · Network traffic · Host applications · Web, e mail, FTP · User account activity · Administrator account activity · Guest/other account activity In case there is lack of policy, should an incident occur, notify senior management, form an Ad hoc team and get the necessary assistance.
Course Modules
Incident Response & Advanced Forensics
Introduction
Incident Response Policy
07:41
Part 1 - An Overview of Incident Response Policy
10:39
Part 2 - The Elements of an Incident Response Policy
07:21
Part 3 - The Role of Communication with Law Enforcement when it comes to security
09:41
Part 4 - The Different Types of Incident Response Teams
07:35
Part 5 - Outsourcing Considerations
09:11
Part 6 - The Role of the Incident Response Manager
04:49
Part 7 - What does an Incident Response team do?
Incident Handling
09:37
Part 1 - An Introduction to Incident Handling
09:02
Part 2 - CIRC Team Composition
05:53
Part 3 - Incident Response Policies
08:41
Part 4 - The REACT Principle
07:39
Part 5 - Maintaining the Integrity of the Scene following an incident
10:16
Part 6 - The Content of Notice
06:49
Part 7 - The Respond Part of Incident Response
Legal Aspects of Incident Handling
08:03
Part 1 - An Introduction to legal considerations of incident response
09:17
Part 2 - Expectation of Privacy
09:54
Part 3 - Personally Identifiable Information (PII)
10:16
Part 4 - Giving notice to individuals
06:07
Part 5 -Benefits of Information Sharing
07:59
Part 1 - Forensics in Support of an Incident Response
Incident Forensics
08:40
Part 2 - The Phases of Investigation
10:12
Part 3 - The Preservation Phase of Investigation
09:04
Part 4 - Keys of Preservation
08:13
Part 5 - Volatile Data Considerations
08:01
Part 6 - Capturing the data
10:36
Part 7 - Imaging concepts
12:37
Part 8 - Volatile Memory Capture
10:41
Part 9 - Forensics in Support of Incident Response
09:27
Part 10 - Formatting a disk for Incident Response
09:01
Part 11 - Using the FTK Imaging Software
08:24
Part 12 - The Forensic Acquisition of Data from a PC
10:41
Part 13 - Navigating the H Drive
05:57
Part 14 - Obtaining the Windows Bitlocker Encryption Keys
05:20
Part 15 - Obtaining the Windows Bitlocker Encryption Keys (continued)
13:13
Part 16 - The Autopsy Program
Insider Threat
10:55
Part 1 - What is Insider Threat?
04:24
Part 2 - American Superconductor Case Study
15:32
Part 3 - Indicators to identify an insider threat
08:15
Part 4 - Using Automated processes to look for indicators of in insider threats
08:32
Part 5 - Policy Enforcement
08:52
Part 6 - Policies and procedures
09:29
Part 7 - Policies and procedures (continued)
08:24
Part 8 - Policies and procedures (continued)
09:28
Part 1 - Malware incidents
07:04
Part 2 - Setting up a Virtual Machine
09:42
Part 3 - Dynamic Analysis
14:10
Part 1- Incident Recovery
07:35
Part 2 - Resiliency: The Answer to the Cyber Security Paradox
Instructed By
Max Alexander
Instructor