Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Microsoft

Planning a Security Incident Response

Microsoft via edX

This course may be unavailable.

Overview

Udemy Special: Ends May 28!
Learn Data Science. Courses starting at $12.99.
Get Deal

This course is designed to help you manage an enterprise security incident, while avoiding common errors, increasing both the effectiveness and efficiency of your incident response efforts.

Note: These courses will retire in June. Please enroll only if you are able to finish your coursework in time.

Syllabus

Module 1

  • Introduction
  • What is threat modelling?
  • The need for incident response plans
  • Assess vulnerabilities in your environment
  • Establish routine monitoring and review of network traffic and system performance
  • Log analysis

Module 2

  • Incident Response Policy, Plan, and Procedure Creation
  • Creation of a CSIRT
  • Establish CSIRT team roles
  • Establish governing policy

Module 3

  • Initial assessment of incident
  • Attack vectors
  • What are false positives and false negatives?
  • Determine the nature of the attack
  • Identify the systems that have been compromised
  • Choosing a containment strategy

Module 4

  • Post-incident activity
  • Protect the evidence while restoring functionality
  • Recommendations and Lessons learned
  • Security incident report

Taught by

Philip E. Helsel and Kimberly Rasmusson-Anderson

Reviews

Start your review of Planning a Security Incident Response

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.