Incident Response and Recovery

Overview

Course 4 - Incident Response and Recovery This is the fourth course under the specialization SSCP In this course, we will focus on incident response and recovery. We will explore the incident life cycle as defined by NIST and continue with a deeper look at supporting forensic investigations. We will also extend these ideas and concepts around the theme of business continuity and disaster recovery. Course 4 Learning Objectives After completing this course, the participant will be able to:  - Identify the elements of an incident response policy and members of the incident response team (IRT).  - Evaluate the security professional’s role in supporting forensic investigations.   - Explain how the security professional supports activities of business continuity and disaster recovery planning. Who Should Take This Course: Beginners Experience Required: No prior experience required

Syllabus

Overview

Having an intruder inside your systems for months, unnoticed by system administrators, security specialists and end users alike, is tantamount to giving the intruder the keys to your business or organization. In far too many cases, organizations discover that they have been subjected to a data breach by being told by someone else that their private data has been offered for sale on the dark web. Leading voices within the security profession state we must do better at detecting the intruder in our midst; many say that detecting the intruder should be the priority for security professionals. Ransomware attacks have become big business, involving not only large-scale extortion attacks but also the selling of ransomware attack tools and services and exploitation of data exfiltrated during the breach. Government officials and industry professionals around the world, such as Anne Neuberger, U.S. Deputy National Security Advisor for Cyber and Emerging Technology, have raised their voices about this “new and very troubling variant” in the advanced persistent threat (APT) attackers’ business model. In this course, we will focus on incident response and recovery. We will explore the incident life cycle as defined by NIST and continue with a deeper look at supporting forensic investigations. We will also extend these ideas and concepts around the theme of business continuity and disaster recovery.