CompTIA Security+ (SY0-601) Cert Prep: 9 Operations and Incident Response

2h 3m | Beginner | 2020-12-09

Authors

Mike Chapple

Teaching Professor at the University of Notre Dame

Course details

This course covers cybersecurity operations and incident response to prepare you for the Security+ exam, an entry-level exam for cybersecurity professionals. Instructor Mike Chapple covers topics such as designing an incident response program, conducting incident investigations, and using digital forensic techniques. Mike explains how to develop a solid foundation for an organization's information security incident response program. He goes over the process of selecting and training a diverse incident response team and developing an incident communications plan. He details incident identification, escalation, and notification, then goes into how to mitigate and recover from incidents. Mike discusses attack frameworks such as the MITRE ATT&CK framework, the Diamond Model of Intrusion Analysis, and cyber kill chain analysis. He walks through all the steps of incident investigation, then introduces you to a variety of forensic techniques you may use in investigations.

Skills covered

Incident Response, Cybersecurity, Cert Prep

Concepts

0. Introduction

  • 01 - Operations and incident response
  • 02 - What you need to know
  • 03 - Study resources

1. Incident Response Programs

  • 04 - Build an incident response program
  • 05 - Creating an incident response team
  • 06 - Incident communications plan
  • 07 - Incident identification
  • 08 - Escalation and notification
  • 09 - Mitigation
  • 10 - Containment techniques
  • 11 - Incident eradication and recovery
  • 12 - Validation
  • 13 - Post-incident activities
  • 14 - Incident response exercises

2. Attack Frameworks

  • 15 - MITRE ATT&CK
  • 16 - Diamond Model of Intrusion Analysis
  • 17 - Cyber kill chain analysis

3. Incident Investigation

  • 18 - Logging security information
  • 19 - Security information and event management
  • 20 - Cloud audits and investigations

4. Forensic Techniques

  • 21 - Conducting investigations
  • 22 - Evidence types
  • 23 - Introduction to forensics
  • 24 - System and file forensics
  • 25 - File carving
  • 26 - Creating forensic images
  • 27 - Digital forensics toolkit
  • 28 - Operating system analysis
  • 29 - Password forensics
  • 30 - Network forensics
  • 31 - Software forensics
  • 32 - Mobile device forensics
  • 33 - Embedded device forensics
  • 34 - Chain of custody
  • 35 - Ediscovery and evidence production
  • 36 - Exploitation frameworks

Conclusion

  • 37 - Continuing your studies
