Overview
The Cyber Incident Response course will give students an understanding of how incidents are responded to at a high level, as well as allow them to build important technical skills through the hands-on labs and projects.
This course starts with a high-level discussion of what happens at each phase of responding to an incident, followed by a technical deep dive into some of the more exciting parts of memory, network, and host analysis and forensics. This course is for anyone wishing to apply learned forensics and offensive knowledge such as ethical hacking to the incident response process.
Syllabus
- Incident Response Fundamentals
- This course goes into some detail with common definitions and severity criteria related to incident response, with special attention being paid to making sure the student understands that the severity criteria should be based on overall organizational definitions and procedures. The latter part of the course goes into the importance of asset inventory and identification as a basis for establishing severity criteria. All these pieces are required for proper preparation for any incident.
Taught by
Andrei Antipov