If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you understand threat response. By the end of the course, you will be able to: • Explain the purpose of incident response planning • Describe the typical incident response life cycle • Describe the typical elements within an incident response policy • Describe how incidents can be classified. • Describe the different US-CERT incident categories (CAT 0 to CAT 6) • Describe compliance regulations that contain incident response requirements • Describe the different general CSIRT categories • Describe the basic framework that defines a CSIRT• Describe the different CSIRT incident handling services: triage, handling, feedback, and optional announcement • Describe a typical incident response plan and the functions of a typical CSIRT. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.
Overview
Syllabus
- Describing Incident Response
- If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you understand threat response. By the end of the course, you will be able to: • Explain the purpose of incident response planning • Describe the typical incident response life cycle • Describe the typical elements within an incident response policy • Describe how incidents can be classified. • Describe the different US-CERT incident categories (CAT 0 to CAT 6) • Describe compliance regulations that contain incident response requirements • Describe the different general CSIRT categories • Describe the basic framework that defines a CSIRT• Describe the different CSIRT incident handling services: triage, handling, feedback, and optional announcement • Describe a typical incident response plan and the functions of a typical CSIRT. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.
- Understanding the Use of VERIS
- If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you describe the use of Vocabulary for Event Recording and Incident Sharing (VERIS). By the end of the course, you will be able to: • Explain the use of VERIS to document security incidents in a standard format. • Explain VERIS. • Explain the VERIS incidents structure. • Explain the VERIS 4 A's. • Describe a typical VERIS record. • Describe the VERIS community database. • Describe the Verizon Data Breach Investigations Report and the Cisco Annual Security Report. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.
Taught by
Cisco Learning & Certifications
