Incident Detection and Response
(ISC)² Systems Security Certified Practitioner (SSCP)

Course 7: Incident Detection and Response

Welcome to course seven, Incident Detection and Response. Having an intruder inside your systems for months unnoticed by your systems, administrators, security specialists, and end-users is tantamount to giving the intruder the keys to your business or organization. In many cases, organizations discover that they have been subjected to a data breach when they are told by others that their private data has been offered for sale on the dark web. Many leading voices within the security profession state that we all must do better to detect the intruders in our midst. Many people even say that detecting intruders should be the priority for security professionals.

Ransomware attacks have become a big business involving not only large-scale extortion attacks, but also the sale of ransomware attack tools and services, as well as the exploitation of any data exfiltrated during the breach. Government officials and industry professionals worldwide have been raising their voices about this new and very troubling variant in the business model of advanced persistent threat (APT) attackers.

In this chapter, we'll focus on intrusion and incident detection. Many of the tools, techniques, technologies, and ideas you'll see here have already been examined in previous chapters. This course brings them together and begins by discussing the central theme of detecting the intruder. Module one uses the concepts of precursors and indicators, the signals that give us advance warning and a genuine alert about a risk event, and the concept of indicators of compromise, which are those signals that we're certain can only mean a hostile agent has gained access. Module two will extend these ideas and concepts around the idea of what to do after you've discovered a possible intrusion, expanding your understanding of incident response. Module three continues with a deeper look at supporting forensic investigations.

Forensics is an evidence-based process of logically and dispassionately reasoning about a situation or an event. It's your inner child, looking at something and asking questions, then following each of those questions with more questions, letting the facts that you find frame and shape your growing understanding of what happened, how, why and where, who did it, and what impacts it may have. With these questions answered, you can circle back to reviewing risk mitigation controls to see which, if any, need to be modified, replaced or augmented.

Course 7 Learning Objectives

After completing this course, the participant will be able to:
- L7.1 - Review the steps for monitoring, incident detection and data loss prevention using all-source intelligence.
- L7.2 - Identify the elements of an incident response policy and members of the incident response team (IRT).
- L7.3 - Classify the security professional's role in supporting forensic investigations.

Course Agenda

- Module 1: Operate All-source Intelligence for Monitoring and Incident Detection (Domain 3 - Risk Identification, Monitoring, and Analysis)
- Module 2: Support Incident Lifecycle (Domain 4 - Incident Response and Recovery)
- Module 3: Understand and Support Forensic Investigations (Domain 4 - Incident Response and Recovery)

Who Should Take This Course: Beginners

Experience Required: No prior experience required
Rating | Not enough ratings |
---|---|
Length | 3 weeks |
Starts | Jul 3 (46 weeks ago) |
Cost | $49 |
From | (ISC)² via Coursera |
Instructor | (ISC)² Education & Training |
Download Videos | On all desktop and mobile devices |
Language | English |
Subjects | Programming IT & Networking |
Tags | Computer Science Computer Security And Networks Security Information Technology |
Careers
An overview of related careers and their average salaries in the US. Bars indicate income percentile.
Senior Fraud Detection Rep $45k
Behavior Detection Officer Lead $58k
Threat Detection & Incident Response... $65k
Global Incident Analyst $68k
IT Incident Analyst $69k
CyberSecurity Incident Handler $74k
Cyber Incident Responder $75k
Incident Management Specialist $79k
Intrusion Detection Engineer $89k
IT Incident Management Coordinator $90k
Field Automation Engineer, Detection $94k
Senior Fraud Detection Analyst $144k