Special offers now — see discounted courses.
day
:
hour
:
min
:
sec
See special offers
Incident Response Planning

Incident Response Planning

5h 38mBeginner2023-02-22

Authors

Jason Dion

Jason Dion

Cybersecurity Trainer at Dion Training Solutions

Course details

If your organization is the victim of a cyberattack, are you ready to respond? In this course, cybersecurity trainer Jason Dion teaches you how to create, provision, and operate a formal, effective incident response capability within your organization to minimize the damage a cyberattack could cause. Jason guides you through incident response planning, including events, incidents, policies, plans, and procedures. He covers gathering and training your incident response team, as well as establishing and maintaining needed communications. Jason guides you through preparing for an incident and explains how to detect and analyze an incident. Plus, he goes over containment, eradication, recovery, and post-incident activities. Jason fully covers the guidance provided in the NIST SP 800-61, as well as recommendations based upon practical experience from the field.

Skills covered

Incident ResponseCybersecurityDeep Dive (X:Y)

Concepts

0. Introduction

  • 01 - Overview
  • 02 - Why do you need a plan
  • 03 - Lifecycle of an incident response
  • 04 - Review - Introduction

1. Incident Response Planning

  • 05 - Incident response planning
  • 06 - Events and incidents
  • 07 - Policy, plans, and procedures
  • 08 - Policy elements
  • 09 - Plan elements
  • 10 - Procedure elements
  • 11 - Review - Incident response planning

2. Incident Response Team

  • 12 - Incident response team
  • 13 - Incident response team structure
  • 14 - Types of teams
  • 15 - Selecting a team model
  • 16 - Team members
  • 17 - Leading a team
  • 18 - Organizational dependencies
  • 19 - Review - Incident response team

3. Communication

  • 20 - Communication
  • 21 - Coordinating your efforts
  • 22 - Internal information sharing
  • 23 - Business impact analysis
  • 24 - Technical analysis
  • 25 - External information sharing
  • 26 - Review - Communication

4. Preparation

  • 27 - Preparation
  • 28 - Communications and facilities
  • 29 - Hardware and software
  • 30 - Technical resources and information
  • 31 - Software resources
  • 32 - Incident prevention
  • 33 - Review - Preparation

5. Detection and Analysis

  • 34 - Detection and analysis
  • 35 - Attack vectors
  • 36 - Detecting an incident
  • 37 - Indicators of compromise
  • 38 - Conducting analysis
  • 39 - Documenting the incident
  • 40 - Prioritizing the incident
  • 41 - Notification procedures
  • 42 - Review - Detection and analysis

6. Containment, Eradication, and Recovery

  • 43 - Containment, eradication, and recovery
  • 44 - Containment strategy
  • 45 - Evidence collection and handling
  • 46 - Identifying the attacker
  • 47 - Eradication and recovery
  • 48 - Review - Containment, eradication, and recovery

7. Post-Incident Activity

  • 49 - Post-incident activity
  • 50 - Lessons learned
  • 51 - Metrics and measures
  • 52 - Evidence retention
  • 53 - Calculating the cost
  • 54 - Review - Post-incident activity

Conclusion

  • 55 - What to do next

Related courses

Related learn paths

About us

LyndaKade is a leading learning platform that helps people learn business, software, technology, and creative skills to achieve personal and professional goals.

Phone numberAparat ChannelTelegram SupportTelegram ChannelInstagram Page

All rights to this site belong to LyndaKade.

Terms of Service|Privacy Policy

نماد الکترونیک enamad در صورت اتصال با آی‌پی داخل کشور، نمایش داده خواهد شد.
logo-samandehi - لوگو ساماندهی
zarinpal
zibal