Planning a Security Incident Response
Offered By: Microsoft via edX
Course Description
Overview
This course is designed to help you manage an enterprise security incident while avoiding common errors and increasing both the effectiveness and efficiency of your incident response efforts.
Note: These courses will retire in June. Please enroll only if you are able to finish your coursework in time.
Syllabus
Module 1
- Introduction
- What is threat modelling?
- The need for incident response plans
- Assess vulnerabilities in your environment
- Establish routine monitoring and review of network traffic and system performance
- Log analysis
Module 2
- Incident Response Policy, Plan, and Procedure Creation
- Creation of a CSIRT
- Establish CSIRT team roles
- Establish governing policy
Module 3
- Initial assessment of incident
- Attack vectors
- What are false positives and false negatives?
- Determine the nature of the attack
- Identify the systems that have been compromised
- Choosing a containment strategy
Module 4
- Post-incident activity
- Protect the evidence while restoring functionality
- Recommendations and Lessons learned
- Security incident report
Taught by
Philip E. Helsel and Kimberly Rasmusson-Anderson