Watch trailer
Course at a glance
Included in these subscriptions:
- Dev & IT Pro Video
- Dev & IT Pro Power Pack
| Release date | 3/10/2017 | |
| Level | Beginner | |
| Runtime | 1h 1m | |
| Closed captioning | Included | |
| Transcript | Included | |
| eBooks / courseware | N/A | |
| Hands-on labs | N/A | |
| Sample code | N/A | |
| Exams | Included |
Course description
What happens when things go horribly awry? That’s where incident response comes in, allowing you to take control and figure out the best solution to remedy the problem. Take an in-depth look at incident response, its best practices, and some methodologies and tools you can use, including the how, who and when aspects of the incident. Additionally, take a deep dive into the incident in a forensically sound manner making sure any evidence isn’t tampered with and could still be admissible in court. Though this course won’t make you a forensic investigator, it will give you a better understanding of the process so you can make sure you’re making the best decisions when handling an incident. This course is part of a series covering the CompTIA Advanced Security Practitioner (CASP).
Prerequisites
This course assumes that the student has familiarity with information technology and basic networking. The student should also be familiar with basic security concepts, whether through the CompTIA Advanced Security Practitioner Parts 1-6 or outside study. No scripting or “hacking” experience is required.
Meet the expert
David Bigger is the lead trainer at Bigger IT Solutions. He has been information technology for a little over 20 years and has been training all over the US. He has worked with companies like US Military, Lockheed Martin, General Dynamics, Dominos Pizza, University of Utah and Expedia
Course outline
Incident Response
Incident Response (40:17)
- Introduction (00:23)
- Incident Response (08:05)
- Preparation (04:59)
- Detection and Analysis (02:16)
- Incident Analysis (03:33)
- Documentation (03:11)
- Incident Prioritization (01:31)
- Incident Notification (02:03)
- Containment, Eradication, and Recovery (04:00)
- Evidence Gathering (01:34)
- Identify the Attackers (02:51)
- Eradication and Recvery (01:32)
- Recovery (01:36)
- Post-Incident Activities (01:02)
- Lessons Learned (01:17)
- Summary (00:15)
Incident vs. Event (07:29)
- Introduction (00:24)
- Incident vs. Event (01:51)
- Incident (02:10)
- Events (02:43)
- Summary (00:19)
Forensics (14:10)
- Introduction (00:28)
- Forensics (01:04)
- Computer Forensics (04:44)
- Computer Forensics Readiness (02:57)
- First Responder (01:22)
- First Responder Tasks (02:23)
- First Responder Continued (00:52)
- Summary (00:15)