Incident Response Planning

سرفصل های دوره

If your organization is the victim of a cyberattack, are you ready to respond? In this course, cybersecurity trainer Jason Dion teaches you how to create, provision, and operate a formal, effective incident response capability within your organization to minimize the damage a cyberattack could cause. Jason guides you through incident response planning, including events, incidents, policies, plans, and procedures. He covers gathering and training your incident response team, as well as establishing and maintaining needed communications. Jason guides you through preparing for an incident and explains how to detect and analyze an incident. Plus, he goes over containment, eradication, recovery, and post-incident activities. Jason fully covers the guidance provided in the NIST SP 800-61, as well as recommendations based upon practical experience from the field.

This course was created by Jason Dion. We are pleased to host this training in our library.

01 - Introduction

01 - Overview

02 - Why do you need a plan

03 - Lifecycle of an incident response

04 - Review Introduction

02 - 1. Incident Response Planning

01 - Incident response planning

02 - Events and incidents

03 - Policy, plans, and procedures

04 - Policy elements

05 - Plan elements

06 - Procedure elements

07 - Review Incident response planning

03 - 2. Incident Response Team

01 - Incident response team

02 - Incident response team structure

03 - Types of teams

04 - Selecting a team model

05 - Team members

06 - Leading a team

07 - Organizational dependencies

08 - Review Incident response team

04 - 3. Communication

01 - Communication

02 - Coordinating your efforts

03 - Internal information sharing

04 - Business impact analysis

05 - Technical analysis

06 - External information sharing

07 - Review Communication

05 - 4. Preparation

01 - Preparation

02 - Communications and facilities

03 - Hardware and software

04 - Technical resources and information

05 - Software resources

06 - Incident prevention

07 - Review Preparation

06 - 5. Detection and Analysis

01 - Detection and analysis

02 - Attack vectors

03 - Detecting an incident

04 - Indicators of compromise

05 - Conducting analysis

06 - Documenting the incident

07 - Prioritizing the incident

08 - Notification procedures

09 - Review Detection and analysis

07 - 6. Containment, Eradication, and Recovery

01 - Containment, eradication, and recovery

02 - Containment strategy

03 - Evidence collection and handling

04 - Identifying the attacker

05 - Eradication and recovery

06 - Review Containment, eradication, and recovery

08 - 7. Post-Incident Activity

01 - Post-incident activity

02 - Lessons learned

03 - Metrics and measures

04 - Evidence retention

05 - Calculating the cost

06 - Review Post-incident activity

09 - Conclusion

01 - What to do next

179,000 تومان

افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: LinkedIn Learning (Lynda)