Learn your way! Get started

CASP, Part 8 of 9: Incident Response

with expert David Bigger

Watch trailer

Course at a glance

Included in these subscriptions:

  • Dev & IT Pro Video
  • Dev & IT Pro Power Pack

Release date 3/10/2017
Level Beginner
Runtime 1h 1m
Closed captioning Included
Transcript Included
eBooks / courseware N/A
Hands-on labs N/A
Sample code N/A
Exams Included

Enterprise Solutions

Need reporting, custom learning tracks, or SCORM? Learn More

Course description

What happens when things go horribly awry? That’s where incident response comes in, allowing you to take control and figure out the best solution to remedy the problem. Take an in-depth look at incident response, its best practices, and some methodologies and tools you can use, including the how, who and when aspects of the incident. Additionally, take a deep dive into the incident in a forensically sound manner making sure any evidence isn’t tampered with and could still be admissible in court. Though this course won’t make you a forensic investigator, it will give you a better understanding of the process so you can make sure you’re making the best decisions when handling an incident. This course is part of a series covering the CompTIA Advanced Security Practitioner (CASP).


This course assumes that the student has familiarity with information technology and basic networking. The student should also be familiar with basic security concepts, whether through the CompTIA Advanced Security Practitioner Parts 1-6 or outside study. No scripting or “hacking” experience is required.

Meet the expert

David Bigger is the lead trainer at Bigger IT Solutions. He has been information technology for a little over 20 years and has been training all over the US. He has worked with companies like US Military, Lockheed Martin, General Dynamics, Dominos Pizza, University of Utah and Expedia

Course outline

Incident Response

Incident Response (40:17)
  • Introduction (00:23)
  • Incident Response (08:05)
  • Preparation (04:59)
  • Detection and Analysis (02:16)
  • Incident Analysis (03:33)
  • Documentation (03:11)
  • Incident Prioritization (01:31)
  • Incident Notification (02:03)
  • Containment, Eradication, and Recovery (04:00)
  • Evidence Gathering (01:34)
  • Identify the Attackers (02:51)
  • Eradication and Recvery (01:32)
  • Recovery (01:36)
  • Post-Incident Activities (01:02)
  • Lessons Learned (01:17)
  • Summary (00:15)
Incident vs. Event (07:29)
  • Introduction (00:24)
  • Incident vs. Event (01:51)
  • Incident (02:10)
  • Events (02:43)
  • Summary (00:19)
Forensics (14:10)
  • Introduction (00:28)
  • Forensics (01:04)
  • Computer Forensics (04:44)
  • Computer Forensics Readiness (02:57)
  • First Responder (01:22)
  • First Responder Tasks (02:23)
  • First Responder Continued (00:52)
  • Summary (00:15)