YoVDO

CompTIA Security+ (SY0-601) Cert Prep: 9 Operations and Incident Response

Offered By: LinkedIn Learning

Tags

  • CompTIA Security+ (Plus) Courses
  • Information Security Certifications Courses
  • Incident Response Courses

Course Description

Overview

This course prepares you for the Operations and Incident Response domain of the Security+ exam, covering incident response and investigations, as well as digital forensic techniques.

Syllabus

Introduction
  • Operations and incident response
  • What you need to know
  • Study resources
1. Incident Response Programs
  • Build an incident response program
  • Creating an incident response team
  • Incident communications plan
  • Incident identification
  • Escalation and notification
  • Mitigation
  • Containment techniques
  • Incident eradication and recovery
  • Validation
  • Post-incident activities
  • Incident response exercises
2. Attack Frameworks
  • MITRE ATT&CK
  • Diamond Model of Intrusion Analysis
  • Cyber kill chain analysis
3. Incident Investigation
  • Logging security information
  • Security information and event management
  • Cloud audits and investigations
4. Forensic Techniques
  • Conducting investigations
  • Evidence types
  • Introduction to forensics
  • System and file forensics
  • File carving
  • Creating forensic images
  • Digital forensics toolkit
  • Operating system analysis
  • Password forensics
  • Network forensics
  • Software forensics
  • Mobile device forensics
  • Embedded device forensics
  • Chain of custody
  • Ediscovery and evidence production
  • Exploitation frameworks
Conclusion
  • Continuing your studies

Taught by

Mike Chapple

Related Courses

  • TOTAL: CompTIA Security+ Certification Course + Exam SY0-701 (Udemy)
  • CompTIA Security+ (SY0-701) Complete Course & Exam (Udemy)
  • Attacks, Threats, and Vulnerabilities for CompTIA Security+ (Pluralsight)
  • Cert Prep: CompTIA Security+ Exam (SY0-501): The Basics (LinkedIn Learning)
  • CompTIA Security+ Certification - SY0-401 (2014 Objectives) (Udemy)