Infosec

Stages of Incident Response

This course is part of Cyber Incident Response Specialization

Taught in English

Some content may not be translated

Keatron Evans

Instructor: Keatron Evans

3,695 already enrolled

Included with Coursera Plus

Course

Gain insight into a topic and learn the fundamentals

4.6

(58 reviews)

Beginner level
No prior experience required
4 hours (approximately)
Flexible schedule
Learn at your own pace

Details to know

Shareable certificate

Add to your LinkedIn profile

Assessments

1 quiz

Course

Gain insight into a topic and learn the fundamentals

4.6

(58 reviews)

Beginner level
No prior experience required
4 hours (approximately)
Flexible schedule
Learn at your own pace

See how employees at top companies are mastering in-demand skills

Placeholder

Build your subject-matter expertise

This course is part of the Cyber Incident Response Specialization
When you enroll in this course, you'll also be enrolled in this Specialization.
  • Learn new concepts from industry experts
  • Gain a foundational understanding of a subject or tool
  • Develop job-relevant skills with hands-on projects
  • Earn a shareable career certificate
Placeholder
Placeholder

Earn a career certificate

Add this credential to your LinkedIn profile, resume, or CV

Share it on social media and in your performance review

Placeholder

There are 7 modules in this course

The Preparation section of the module goes into some detail with common definitions and severity criteria, with special attention being paid to making sure the student understands that the severity criteria should be based on overall organizational definitions and procedures. The latter part of the module goes into the importance of asset inventory and identification as a basis for establishing severity criteria. All these pieces are required for proper preparation for any incident.

What's included

3 videos1 reading

The Identification section deals specifically with how incidents are identified, as well as the classification levels that incidents might fall within. It also reminds the student that these classification levels are established with input from upper management and the rest of the organization. We go into details of notifying the appropriate parties of the incident and how to do that properly. We end this course with a discussion of common tools and techniques.

What's included

4 videos1 reading

This section explores containment and the proper scoping and management of it. We examine the details of how to contain an incident and, more importantly, how to define what containment means. We also explore common containment tools.

What's included

4 videos1 reading

In the Investigation segment, you’ll learn the questions asked in normal investigations and how to properly answer them. You’ll explore the important data sources these answers are pulled from and the role this process plays in incident response overall.

What's included

3 videos1 reading

Dive into what it takes to remove threats from and environment after the threat has been contained. We’ll also take a look at how to verify the threat has been eradicated and address proper notification of eradication to other authorized parties. Lastly, we’ll discuss some common tools for eradication.

What's included

4 videos1 reading

This Recovery segment shows how we tie directly into business continuity and disaster recovery at this phase. We deal with how to restore systems in the least disruptive and most efficient way, as well as defining what constitutes "recovered."

What's included

4 videos1 reading

Look at validation and sign-off of recovery. The module looks at how to effectively assess how well the team responded. It also looks at implementing needed improvements and how to ingest feedback from the rest of the organization or even outside organizations.

What's included

3 videos1 reading1 quiz

Instructor

Instructor ratings
5.0 (13 ratings)
Keatron Evans
Infosec
8 Courses52,556 learners

Offered by

Infosec

Recommended if you're interested in Computer Security and Networks

Why people choose Coursera for their career

Felipe M.
Learner since 2018
"To be able to take courses at my own pace and rhythm has been an amazing experience. I can learn whenever it fits my schedule and mood."
Jennifer J.
Learner since 2020
"I directly applied the concepts and skills I learned from my courses to an exciting new project at work."
Larry W.
Learner since 2021
"When I need courses on topics that my university doesn't offer, Coursera is one of the best places to go."
Chaitanya A.
"Learning isn't just about being better at your job: it's so much more than that. Coursera allows me to learn without limits."

Learner reviews

Showing 3 of 58

4.6

58 reviews

  • 5 stars

    75.86%

  • 4 stars

    18.96%

  • 3 stars

    0%

  • 2 stars

    0%

  • 1 star

    5.17%

RG
5

Reviewed on Nov 23, 2022

SS
5

Reviewed on Jan 12, 2022

New to Computer Security and Networks? Start here.

Placeholder

Open new doors with Coursera Plus

Unlimited access to 7,000+ world-class courses, hands-on projects, and job-ready certificate programs - all included in your subscription

Advance your career with an online degree

Earn a degree from world-class universities - 100% online

Join over 3,400 global companies that choose Coursera for Business

Upskill your employees to excel in the digital economy

Frequently asked questions