Are you just getting started with Incident Response (IR) and not sure where to begin? Do you need to stand up an IR program or establish a Computer Security and Incident Response Team and need to get started on the right foot?
Incident Response can be one of the most difficult aspects of Information Security and foundational skills are critical.
The goal of this course is to provide the core components that make up a successful Incident Response program. Students will learn how to get started on their IR journey, what to prioritize, and why boring stuff like policies and procedures are just as important as technical digital forensics skills.
We will cover the logging and monitoring capabilities necessary to be able to successfully investigate and triage an incident as well as what to do when those log sources fail. The concepts and skills introduced in this class will lay the groundwork for the next steps in the IR journey of in-depth endpoint and network forensics and analysis.