Hands-On Incident Response Analysis

Plan and execute effective incident response protocols for your organization

Created By: Sunil Gupta

About This Course

Cyber attacks take place every minute of the day around the world. Incident response is an organized approach to addressing and managing the aftermath of a security breach or attack. Responding to any incident rapidly will help your organization minimize losses, mitigate any vulnerabilities, restore services and processes as quickly as possible, and reduce the risk of being attacked in the future. Incident response strategies prepare an organization for the unknown. They comprise a dependable method for detecting a security incident instantly when it occurs, and addressing it effectively.

In this course, you will learn the core principles of hands-on incident response (IR). You will look at the major symptoms, defenses against them, and what to do when an incident happens, along with how to detect incidents in the first place. You will explore the actual workflow steps that every security professional should follow to ensure consistency in your incident identification and resolution approaches. Moving on, you will delve into some more common incidents that could affect your network by reviewing how to handle and respond to issues such as a DoS, a session hijack, or even malicious code. By taking this course, you will be able to differentiate between commodity and Advanced Persistent Threat (APT) attack groups. You will explore how to review alerts, log files, and recognize common character encodings and carrier files.

By the end of this course, you will be ready to take on incident response strategies pre-emptively and confidently, and you'll be able to identify the various (and sometimes subtle) signs that may indicate you've had an incident or one's coming your way.

Other Information

  • A certificate will be provided on completion of this course
  • Full lifetime access
  • Available on Mobile & Laptop

What Students Will Learn In Your Course?

  • Understand the fundamentals of incident response
  • Learn how to set up security operations in your organization
  • Learn forensics techniques with incident handling
  • Detection of attacks on networks, websites, and applications
  • Hands-on practical approaches to (and protocols for) incident handling

Are There Any Course Requirements Or Prerequisites?

Basic knowledge of the subject.

Who Are Your Target Students?

This course is best suited to information security engineers, IT managers, risk management professionals, IT/system administrators, network administrators, and disaster recovery staff.

Course Content

  • 32 lectures
  • 02:18:12
  • The Course Overview
    00:01:29
  • Identification, Initial Recording, and Response
    00:03:33
  • Incident Communication and Containment
    00:02:38
  • Response Strategy Formulation
    00:02:20
  • Incident Classification and Investigation
    00:02:26
  • Forensics and Eradication
    00:03:07
  • Incident Documentation
    00:02:25
  • Section Introduction
    00:01:26
  • Denial-of-Service Attack Detection and Prevention
    00:08:30
  • Unauthorized Attack Detection and Prevention
    00:12:07
  • Inappropriate Usage Detection and Prevention
    00:10:54
  • Multiple Component Issues, Detection, and Prevention
    00:05:07
  • Introducing the Section
    00:01:22
  • Session Hijacking Symptoms and Defense
    00:04:52
  • SQL Injection Attack Symptoms and Defense
    00:05:11
  • Cross-site Scripting Attack Symptoms and Defense
    00:05:04
  • Buffer Overflow Attack Symptoms and Defense
    00:04:29
  • Signs of Malware Code
    00:03:19
  • Bot and Botnets
    00:03:25
  • Rootkit in Windows
    00:05:04
  • Detection and Prevention of Malicious Code
    00:03:37
  • Forensics Investigation
    00:02:39
  • Capturing Data and Imaging
    00:02:22
  • FTK Imaging Software
    00:06:19
  • Memory Analysis Using Volatility
    00:09:25
  • The Autopsy Program
    00:07:52
  • Workflow of Insider Threats
    00:03:17
  • Detection and Response for Insider Attacks
    00:02:16
  • Insider Threats Prevention: Network Level
    00:02:41
  • Insider Threats Prevention: Access Control
    00:02:47
  • Insider Threats Prevention: Privileged Users
    00:03:03
  • Insider Threats Prevention: Backup
    00:03:06

Packt Publication

  • 4.4 (3)
  • 7 Reviews
  • 3 Students
  • 935 Courses