Introduction to Detection and Incident Response

Overview

In this course, you'll focus on incident detection and response. You will learn what defines a security incident and explain the incident response lifecycle, including the roles and responsibilities of incident response teams. You will also explore how security professionals verify and respond to malicious threats. By the end of this course, you will be able to: - Explain the lifecycle of an incident - Describe the tools used in the documentation, detection, and management of incidents. - Determine the roles and responsibilities of incident response teams - Identify the steps to contain, eradicate, and recover from an incident

Syllabus

The incident response lifecycle

This module provides an overview of detection and incident response. Learners will become familiar with the incident response lifecycle, explore the NIST framework, and understand how to use the incident handler's journal.

Incident response operations

In this module, you'll learn about the elements of an incident response team, their responsibilities, and how to create suitable incident response plans.

Incident response tools

In this module, you'll learn about incident response tools, detection systems, and the value of documentation. You'll also explore how SIEM tools collect, normalize, and analyze log data.