Hands-On Incident Response Fundamentals
By Ryan Chapman
Course info



Description
Most companies have a difficult time finding and hiring qualified Incident Response (IR) analysts. For that matter, many who make their way into this hands-on security profession lack a solid foundation. In this course, Hands-On Incident Response Fundamentals, you'll be prepared to take on the task of IR by being presented with the core principles associated with the field. First, you'll learn to differentiate between commodity and Advanced Persistent Threat attack groups. Next, you'll discover how to review alerts and log files, and how to recognize common character encodings and carrier files. Finally, you'll cover how to use a hex editor effectively and work with indicators of compromise. By the end of this course, you'll be ready to take on the task of responding to events and incidents alike. Strong IR analysts must have a strong foundation, and that's exactly what this course intends to provide you.
Section Introduction Transcripts
Course Overview
Hiya folks, my name is Ryan Chapman, and welcome to my course, Hands-On Incident Response Fundamentals. I'm an incident handler, malware reverse engineer, and forensic analyst by trade. I love to run my mouth and share information, which is why I have presented workshops and talks at various security conferences. However, I am extremely proud to present my first course on IR here at Pluralsight. Cyberattacks are taking place every minute of the day around the world. Unfortunately, most companies have difficulty finding and hiring IR analysts, due to the lack of qualified individuals from which to choose. Hence, the reason that I've created this very course. This course provides an overview of the core principles of hands-on IR. Some of the major topics that we will cover include understanding the differences between commodity and advanced persistent threat attack groups, fielding alerts and analyzing log files, performing triage-level file analysis using a hex editor, and working with threat intelligence. By the end of this course, you will be familiar with tier-one triage requirements and be ready to analyze anomalous events in the security information and event management platform. Before beginning the course, you should be familiar with basic computer networking and have a passion for learning. I hope you'll join me on this journey to bolster your understanding of the IR realm with the Hands-On Incident Response Fundamentals course, here at Pluralsight.