Free

Incident Response and Advanced Forensics

Need some incident response training on your path to becoming a network engineer or cyber defense analyst? This course will introduce you to incident response and prepare you to conduct forensic collections. Learn how to develop protection plans, dive into insider and malware threats, and commence incident recovery.
7
26
M
Time
advanced
difficulty
7
ceu/cpe

Course Content

Part 4 - Giving notice to individuals

10m

Module 4 - Legal Aspects of Incident Response
Part 4 - Keys of Preservation

9m

Module 5 - Forensics of Incident Response
Part 5 - Outsourcing Considerations

8m

Module 2 - Incident Response Policy
Part 5 - Benefits of Information Sharing

6m

Module 4 - Legal Aspects of Incident Response
Part 5 - Volatile Data Considerations

8m

Module 5 - Forensics of Incident Response
Part 5 - Policy Enforcement

8m

Module 6 - Insider Threat
Part 6 - The Role of the Incident Response Manager

9m

Module 2 - Incident Response Policy
Part 6 - Capturing the data

8m

Module 5 - Forensics of Incident Response
Part 6 - Policies and procedures

9m

Module 6 - Insider Threat
Part 7 - What does an Incident Response team do?

5m

Module 2 - Incident Response Policy
Part 7 - Imaging concepts

11m

Module 5 - Forensics of Incident Response
Part 8 - Volatile Memory Capture

13m

Module 5 - Forensics of Incident Response
Part 9 - Forensics in Support of Incident Response

11m

Module 5 - Forensics of Incident Response
Part 10 - Formatting a disk for Incident Response

10m

Module 5 - Forensics of Incident Response
Part 11 - Using the FTK Imaging Software

9m

Module 5 - Forensics of Incident Response
Part 12 - The Forensic Acquisition of Data from a PC

8m

Module 5 - Forensics of Incident Response
Part 13 - Navigating the H Drive

11m

Module 5 - Forensics of Incident Response
Part 14 - Obtaining the Windows Bitlocker Encryption Keys

6m

Module 5 - Forensics of Incident Response
Part 16 - The Autopsy Program

13m

Module 5 - Forensics of Incident Response
Course Description

In the Incident Response training course, students will be introduced to incident response, how to create and implement protection plans, how to investigate incidents forensically, insider and malware threats, and incident recovery.

What is Incident Response Training?

Incidence response refers to the strategized approach and processes that take place after an organization suffers some sort of security incident. The approach focuses on trying to minimize the negative impact of the cyberattack, as well as recovering any affected data and systems in the quickest and most effective way possible. Incident response usually also includes consideration for recovery costs.

What Does the Incident Response and Handling Course Cover?

In the Incident Response and Handling training course, students will focus on learning how to properly design, develop, and deploy security incident response plans. The course is designed to give all students a deep dive into incident response plans, with a skillset that they can take back to help their organizations immediately.

This is a self-paced course that will train students to make carefully considered, smart decisions after an incident has occurred. Students will learn about three important aspects of incident response: a business impact analysis, business continuity plan, and a disaster recovery plan. Upon completing the course, students should have an idea of how to become prepared for incidents and how to begin the mitigation process following them.

The Incident Response training is ideal for professionals working on an incident response team, system and network administrators, and anyone else who is interested in improving their incident management and network forensics skills.

This course has a total of 8 hours and 6 minutes of clock time, for which students earn 7 CEU/CPE. Students will receive a Certificate of Completion for the course.

Why is Incident Response and Handling Important?

Every organization needs professionals with incident response training because even the very best defenses can be breached. Organizations need a team of cybersecurity professionals who are up to date on the most current cyber threats and attacks, as well as security techniques. The proper training in incident response is the best way for organizations to achieve this. Severe attacks are occurring more frequently, and they are causing increasing amounts of damage. It is vital to be prepared, now more than ever before.

Not having an incident responder team in place can be extremely detrimental to an organization. Damage can range from loss of sensitive information, interrupted operations, costly fines, to a tarnished reputation and loss of customer trust. It’s important to remember that without training, new threats can strike, and no one will know what they are or how to defend against them.

The reality is, most cyberthreats can be mitigated when organizations employ an effective team of IT professionals. One of the most important parts of that team is incident response.

What Does and Incident Response Analyst Do?

An Incident Response Analyst can vary depending on the specific organization, its location, and size. However, there are some general duties that are usually assigned, including:

* Investigating and reporting on cybersecurity trends and issues. * Conducting forensic collections, intrusion correlation, threat analysis, and tracking direct system remediation as incidents happen. * Providing consistent examination of potential threats and incidents, and train employees and shareholders. * Evaluating incidents in terms of priority, including potential and possible threats and impacts. * Employing incident data to identify exposures and suggest mitigation approaches. * Evaluating logs for tracing and remediating any likely security risks. * Act as a technical liaison with law enforcement when necessary.

The above are simply general duties. Depending on the organization, Incident Response Analysts may be responsible for more or fewer duties.

How is it Best to Learn about Incident Response and Handling?

Students who are interested in learning about incident response, the applicable concepts and skills, should enroll in a training course like Cybrary’s Incident Response and Handling course. All of our courses are online and self-paced. Students can take as long as they need to fully understand the course material and concepts. Even students with a busy schedule can take this course, as they are able to access it at the times that work best for them.

If you are interested in starting this course, enroll by clicking the Register button at the top of this screen.

This course is part of a Career Path:
No items found.

Instructed by

Instructor
Max Alexander

I serve as the Chief Technology Officer and Director of Cybersecurity for Aveshka Inc. where I consult with federal and commercial clients in cyber and information security issues ranging from digital forensics, incident response, data loss prevention, risk management, COOP, disaster recovery, and insider threat. I am the lead forensic investigator for the Pentagon’s Computer Incident Response Team (PENTCIRT), and I created the governance model for the Pentagon’s User Activity Monitoring Program. I also serve as a Professor of Digital Forensics at the University of Maryland University College where I train and mentor future forensicators using my two decades of experience as a former intelligence officer where I specialized in National Level Counterintelligence (CI), Human Intelligence (HUMINT), and Signals Intelligence Collection (SIGINT) at the National Security Agency and the National Counterintelligence Executive.

Provider
Cybrary Logo
Certification Body
Certificate of Completion

Complete this entire course to earn a Incident Response and Advanced Forensics Certificate of Completion