Full course description
This course discusses the topic of Incident Response and Management. Given the frequency and complexity of today's cyber attacks, incident response is a critical function and the last line of defense.
Detecting and efficiently responding to incidents requires a strong understanding of the fundamentals of security incidents which you will learn in this course. You will learn how an enterprise should prepare for incidents including creation of a computer security incident response team (CSIRT), as well as communication processes, policies, and procedures. You will also learn about the sequence of actions that take place when an incident happens including analysis, scope discovery, and when to bring in external expertise to analyze the incident. Lastly, you will develop an understanding of post incident management procedures, customer management, and remediation management.
Key Course Takeaways:
- Identify what an incident is.
- Differentiate between an incident and a breach.
- Prepare an enterprise for incident management.
- Identify the sequence of events when an incident happens.
- Implement recovery procedures post incident.
- Manage customer perception post incident.