We may earn an affiliate commission when you visit our partners.
Incident Response
Containment, Eradication and Recovery
Aaron Rosenmund
Aaron Rosenmund
Walking into an incident response situation can be intimidating. This course will teach you how to leverage the information gained from network and host analysis to limit the impact of the incident, and root out an attacker from your environment.
Read more
Walking into an incident response situation can be intimidating. This course will teach you how to leverage the information gained from network and host analysis to limit the impact of the incident, and root out an attacker from your environment.
Read more
Walking into an incident response situation can be intimidating. This course will teach you how to leverage the information gained from network and host analysis to limit the impact of the incident, and root out an attacker from your environment.
In an incident response scenario, it’s hard to know where to start. In this course, Incident Response: Detection and Analysis, you’ll learn to how to accomplish the first phase of an incident response scenario, the initial detection and analysis. First, you’ll validate and confirm that a reported event is, indeed, a security incident. Next, you’ll collect initial triage data used for developing IOC detections. Finally, you’ll learn how to assess and gather network event and host data for deeper analysis. When you’re finished with this course, you’ll have answered some initial, and critical, questions around the event, as well as come up with a lot more based on the collected triage data collected, and be able to move into the next phase of incident response.
Register for this course and see more details by visiting:
OpenCourser.com/course/pmf1wn/incident
What's inside
Syllabus
Root Cause and Scope
Network Segmentation
Eradication of Malicious Files
Recovery
Read more
Syllabus
Root Cause and Scope
Network Segmentation
Eradication of Malicious Files
Recovery
Read more
Lessons Learned
New Module
Good to know
Good to know
Know what's good ,
what to watch for , and
possible dealbreakers
This course is ideal for cybersecurity professionals responsible for incident response
Teaches how to detect and analyze security incidents to minimize impact and eradicate attackers from the environment
Provides a solid foundation for beginners in incident response
Covers initial detection and analysis, including validating events, collecting triage data, and assessing network and host data
Save this course
Save Incident Response: Containment, Eradication and Recovery to your list so you can find it easily later:
Save
Save
Activities
Coming soon
We're preparing activities for
Incident Response: Containment, Eradication and Recovery.
These are activities you can do either before, during, or after a course.
Career center
Learners who complete Incident Response: Containment, Eradication and Recovery will develop knowledge and skills
that may be useful to these careers:
Incident Responder
Incident Responder
Incident Responders work with information gained from network and host analysis to limit the impact of security incidents and to root out attackers from their environments. In order to do this, they first validate and confirm that a reported event is, in fact, a security incident. Next, they collect initial triage data used for developing IOC detections. Finally, they assess and gather network event and host data for deeper analysis. This course will help train you on all of these methods.
Forensic Analyst
Forensic Analyst
Forensic Analysts collect, analyze, and document digital artifacts as part of an incident response investigation. They also bring networks and systems back online after a breach. This course can help build a foundation for a career as a Forensic Analyst by teaching you how to identify and collect digital artifacts, and how to analyze them to determine the cause of a security incident.
Security Analyst
Security Analyst
Security Analysts are responsible for monitoring and analyzing security events, and for taking action to mitigate threats. They also develop and implement security policies and procedures. This course can help build a foundation for a career as a Security Analyst by teaching you how to identify and analyze security events, and how to develop and implement security policies and procedures.
Penetration Tester
Penetration Tester
Penetration Testers are responsible for identifying and exploiting vulnerabilities in networks and systems. They also provide recommendations for remediation. This course can help build a foundation for a career as a Penetration Tester by teaching you how to identify and exploit vulnerabilities in networks and systems.
Malware Analyst
Malware Analyst
Malware Analysts are responsible for analyzing malware to determine its purpose and how to mitigate its effects. They also develop and implement malware detection and prevention strategies. This course can help build a foundation for a career as a Malware Analyst by teaching you how to analyze malware and how to develop and implement malware detection and prevention strategies.
Risk Analyst
Risk Analyst
Risk Analysts are responsible for identifying, assessing, and mitigating risks to an organization. They also develop and implement risk management strategies. This course can help build a foundation for a career as a Risk Analyst by teaching you how to identify, assess, and mitigate risks to an organization.
Security Engineer
Security Engineer
Security Engineers are responsible for designing, implementing, and maintaining security systems. They also develop and implement security policies and procedures. This course can help build a foundation for a career as a Security Engineer by teaching you how to design, implement, and maintain security systems.
Network Engineer
Network Engineer
Network Engineers are responsible for designing, implementing, and maintaining networks. They also develop and implement network security policies and procedures. This course can help build a foundation for a career as a Network Engineer by teaching you how to design, implement, and maintain networks.
Systems Administrator
Systems Administrator
Systems Administrators are responsible for managing and maintaining computer systems. They also develop and implement security policies and procedures. This course can help build a foundation for a career as a Systems Administrator by teaching you how to manage and maintain computer systems.
Database Administrator
Database Administrator
Database Administrators are responsible for managing and maintaining databases. They also develop and implement security policies and procedures. This course can help build a foundation for a career as a Database Administrator by teaching you how to manage and maintain databases.
Chief Executive Officer (CEO)
Chief Executive Officer (CEO)
CEOs are responsible for the overall management and operation of an organization. They also set the organization's strategic direction. This course may be useful for CEOs who want to learn more about incident response.
Software Developer
Software Developer
Software Developers are responsible for designing, developing, and implementing software. They also develop and implement security policies and procedures. This course may be useful for Software Developers who want to learn more about incident response.
Chief Technology Officer (CTO)
Chief Technology Officer (CTO)
CTOs are responsible for developing and implementing an organization's technology strategy. They also oversee the organization's IT department. This course may be useful for CTOs who want to learn more about incident response.
Chief Information Security Officer (CISO)
Chief Information Security Officer (CISO)
CISOs are responsible for developing and implementing an organization's information security strategy. They also oversee the organization's incident response program. This course may be useful for CISOs who want to learn more about incident response.
IT Manager
IT Manager
IT Managers are responsible for managing and overseeing IT departments. They also develop and implement IT policies and procedures. This course may be useful for IT Managers who want to learn more about incident response.
For more career information including salaries, visit:
OpenCourser.com/course/pmf1wn/incident
Reading list
We've selected 11 books
that we think will supplement your
learning. Use these to
develop background knowledge, enrich your coursework, and gain a
deeper understanding of the topics covered in
Incident Response: Containment, Eradication and Recovery.
Provides a comprehensive overview of network security assessment. It covers the fundamentals of network security assessment, including vulnerability scanning, penetration testing, and security auditing. It valuable resource for anyone who wants to learn more about network security assessment.
Provides a comprehensive overview of security engineering. It covers the fundamentals of security, including cryptography, network security, and operating system security. It valuable resource for anyone who wants to learn more about security engineering.
Provides a comprehensive overview of malware analysis. It covers the fundamentals of malware analysis, including reverse engineering, static analysis, and dynamic analysis. It valuable resource for anyone who wants to learn more about malware analysis.
Provides a comprehensive overview of hacking. It covers the fundamentals of hacking, including network security, web security, and operating system security. It valuable resource for anyone who wants to learn more about hacking.
Provides a comprehensive overview of Metasploit. It covers the fundamentals of Metasploit, including module development, payload creation, and exploitation. It valuable resource for anyone who wants to learn more about Metasploit.
Save
Provides a comprehensive overview of Wireshark. It covers the fundamentals of Wireshark, including packet capture, protocol analysis, and filtering. It valuable resource for anyone who wants to learn more about Wireshark.
Provides a comprehensive overview of security incident response. It valuable resource for anyone who is involved in incident response.
Provides a comprehensive overview of malware forensics. It valuable resource for anyone who wants to learn more about this topic.
Save
Provides insights into the human element of security. It discusses how attackers use deception to compromise systems and how defenders can use deception to protect their systems. It valuable resource for anyone who wants to learn more about the human element of security.
Save
Provides a comprehensive overview of reverse engineering. It covers the fundamentals of reverse engineering, including disassembly, decompilation, and debugging. It valuable resource for anyone who wants to learn more about reverse engineering.
Save
Provides a comprehensive overview of network forensics. It valuable resource for anyone who wants to learn more about this topic.
For more information about how these books relate to this course, visit:
OpenCourser.com/course/pmf1wn/incident
Share
Similar courses
Here are nine courses similar to
Incident Response: Containment, Eradication and Recovery.
Incident Response: Detection and Analysis
OpenCourser.com/course/qcfqtm/incident
Incident Response: Detection and Analysis
Most relevant
Incident Response: Host Analysis
OpenCourser.com/course/scq7r3/incident
Incident Response: Host Analysis
Most relevant
Incident Response: Network Analysis
OpenCourser.com/course/v7cxl4/incident
Incident Response: Network Analysis
Most relevant
Cyber Incident Response
OpenCourser.com/course/gd0dxd/cyber
Cyber Incident Response
Most relevant
Technical Deep Dive with Incident Response Tools
OpenCourser.com/course/lvc528/technical
Technical Deep Dive with Incident Response Tools
Most relevant
Stages of Incident Response
OpenCourser.com/course/56jq3r/stages
Stages of Incident Response
Most relevant
Live Response and Forensics with PowerShell
OpenCourser.com/course/2tbcvf/live
Live Response and Forensics with PowerShell
Most relevant
OS Analysis with RegRipper
OpenCourser.com/course/ci55la/os
OS Analysis with RegRipper
Most relevant
Operations and Incident Response for CompTIA Security+
OpenCourser.com/course/29q0py/operations
Operations and Incident Response for CompTIA Security+
Most relevant
Time
66 hours
Level
Intermediate
Via
Pluralsight
Instructor
Aaron Rosenmund
Language
English
Good to know
This course is ideal for cybersecurity professionals responsible for incident response
Teaches how to detect and analyze security incidents to minimize impact and eradicate attackers from the environment
Provides a solid foundation for beginners in incident response
Covers initial detection and analysis, including validating events, collecting triage data, and assessing network and host data
Our mission
OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.
Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.
Find this site helpful? Tell a friend about us.
Affiliate disclosure
We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.
Your purchases help us maintain our catalog and keep our servers humming without ads.
Thank you for supporting OpenCourser.
© 2016 - 2024 OpenCourser