Topics covered in the Incident Response Course (IR-200)
- Incident Response Overview
This module introduces the concepts of incident response, focusing mainly on NIST Special Publication 800-61.
- Fundamentals of Incident Response
This module covers the roles and responsibilities of incident response teams, and the main frameworks used by incident responders (CREST, SANS, NIST).
- Phases of Incident Response
NIST SP 800-61 provides a four-phase model of incident response. This module describes what each phase comprises.
- Incident Response Communication Plans
Learn about the value and contents of incident response communication plans, and review examples of good and bad external communications.
- Common Attack Techniques
This module covers opportunistic and targeted attacks.
- Incident Detection and Identification
This module covers the detection and analysis of malicious activities.
- Initial Impact Assessment
The first thing we need to do when an incident occurs is perform an initial assessment of its scope and impact. This module covers how this is accomplished.
- Digital Forensics for Incident Responders
This module …