About this Course

Shareable Certificate
Earn a Certificate upon completion
100% online
Start instantly and learn at your own schedule.
Flexible deadlines
Reset deadlines in accordance with your schedule.
Beginner Level
Approx. 15 hours to complete
English

Skills you will gain

Computer Security Incident Management, Malware Analysis, Memory Forensics, Traffic Analysis

Offered by

Infosec

Syllabus - What you will learn from this course

Week 1

2 hours to complete

Incident Response Fundamentals

5 videos (Total 55 min), 3 readings, 1 quiz
5 videos
The NIST five phases of Incident Response (19m)
Business Continuity and Disaster Recovery roles (6m)
Building an Incident Response playbook (9m)
Building an Incident Response team (5m)
3 readings
Introduction to Incident Response (10m)
Incident Response Process (10m)
Incident Response Essential Components (10m)
1 practice exercise
Understanding Incident Response fundamentals (15m)
Week 2

5 hours to complete

Stages of Incident Response

25 videos (Total 189 min), 7 readings, 1 quiz
25 videos
Identifying threats and vulnerabilities (14m)
Incident Response assets inventory and identification (8m)
Incident identification (11m)
Incident Response classification levels (6m)
Communication/notification of an incident (11m)
Identification tools and techniques (9m)
Scoping containment efforts (14m)
Determining status of infected/affected computing resources (7m)
Containment actions (10m)
Containment tools and techniques (4m)
Who, What, When, Where? (7m)
Investigation data sources (9m)
The role of Digital Forensics (5m)
What is eradication? (10m)
Cleanup and verification (5m)
Notification (6m)
Eradication tools and techniques (4m)
Returning to normal business processes (4m)
Service and System restoration (4m)
Certification and validation of Business Continuity (4m)
Recovery and restoration tools and techniques (5m)
Assessing the team and processes' effectiveness (5m)
Implementing improvements (3m)
Feedback from other teams in the organization (3m)
7 readings
Incident Response Stage 1: Preparation (10m)
Incident Response Stage 2: Identification (10m)
Incident Response Stage 3: Containment (10m)
Incident Response Stage 4: Investigation (10m)
Incident Response Stage 5: Eradication (10m)
Incident Response Stage 6: Recovery (10m)
Incident Response: Lessons Learned (10m)
1 practice exercise
Understanding Incident Response stages (30m)
Week 3

8 hours to complete

Technical Deep Dive with Incident Response Tools

13 videos (Total 233 min), 1 reading, 2 quizzes
13 videos
Network forensics with Zeek: conn.log (12m)
Network forensics with Zeek: dns.log (10m)
Network forensics with Zeek: putting them together (28m)
Introduction to Wireshark (12m)
Network forensics with Wireshark (15m)
Memory forensics: extracting a memory dump (10m)
Memory forensics: extracting artifacts and IOCs with Volatility (21m)
Data breach/hacking incident: Investigation (23m)
Data breach/hacking incident: Containment (23m)
Data breach/hacking incident: Eradication/Validation (12m)
Live ongoing hacking incident: Detection/Investigation (21m)
Live ongoing hacking incident: Investigation/Containment (19m)
1 reading
Incident Response Project Overview (3h 10m)
2 practice exercises
Understanding the Incident Response process and tools (30m)
Project Quiz (30m)
