Preparing for and Executing Incident Recovery

by Dale Meredith

Whenever an incident happens, you have to figure out the “Who, What, Where, When”. This course will help you understand how to conduct an investigation, eradicate the incident and how to build out your own CSI (Cyber-Security Investigator) Jump-Bag.

Preview this course

What you'll learn

Cybersecurity investigations are used to determine what events, changes, and other actions have happened on a device, who or what performed them, and what data is stored there. In this course, Preparing for and Executing Incident Recovery, you'll leanr how to conduct an investigation, eradicate the incident and how to build out your own CSI (Cyber-Security Investigator) Jump-Bag. First you'll learn how to be ready to conduct your own forensic investigations. Next, you'll learn what computer forensic techniques are used in a variety of scenarios, including police investigations, system misuse, compromise and malware analysis, and investigations related to internal policy violations. Then, you'll learn about how to create your own forensics kit, their contents, and the use of these devices and tools. Finally, you'll be shown some forensic suites and tools that provide you what you'll need to capture and preserve forensics data and to perform forensic investigations. By the end of this course, you will have discovered and developed new skills to tackle many cyber-security scenarios.

Course Overview

3mins

Course Overview 3m

Your Objectives Here

42mins

What Should Be in Your “Jump-bag”?

28mins

What You're Going to Learn 1m
The Jump-bag 2m
Storage Items 6m
Wireless Items 4m
Network Items 3m
Real Tools 2m
Digital Workstation 2m
Miscellaneous Tools 3m
Other Items 3m
What You Learned, Plus Snacks 2m

What About the Digital “Jump-bag”

46mins

What About the Digital Jump-bag? 1m
Digital or Physical Items 5m
Digital Forensic Crime Scenes 3m
Types of Forensic Software 4m
Suite Tools, Man 17m
Hashing 3m
Password Cracking 5m
Imaging 7m
What Did We Learn? 1m

Understanding the Incident Recovery Process

32mins

What We're Going to Learn 1m
What Incident Recovery Means 2m
The Principles of IR 5m
Steps of IR 2m
What's the Plan 4m
Contingency Components 1m
Continuity Planning 6m
The IR Planning Team 2m
Impact Analysis 2m
All Things IR 4m
Testing Your Plan 2m
What Did You Learn? 1m

The Techniques of Recovery: Containment

12mins

What We're Going to Learn 1m
Containing the Damage 3m
Containing Damage: Segmentation 1m
Containing Damage: Isolation 2m
Containing Damage: Removal 2m
Containing Damage: Reverse Engineering 2m
What Did You Learn? 1m

The Techniques of Recovery: Eradication

15mins

What You're Going to Learn 1m
Sanitization 3m
Reimaging/Reconstruction 7m
Disposal 3m
What Did You Learn? 1m

The Techniques of Recovery: Validation and Corrective Actions

13mins

What You're Going to Learn 1m
Validation: Patching 2m
Validation: Permissions 1m
Validation: Scanning 1m
Validation: Logging 1m
Corrective Actions: What Did You Learn? 3m
Corrective Actions: Change Control 1m
Corrective Actions: Update the Plan 1m
What Did You Learn? 2m

That’s a Wrap

15mins

What You're Going to Learn 1m
Why Crimes Go Unreported 3m
Who Do I Tell? 5m
The Report 4m
What You Learned - Course Summary 2m

About the author

Dale Meredith

Dale Meredith has been a Certified Ethical Hacker/Instructor EC-Council for the past 15 years, and Microsoft Certified Trainer for over 20 years. Dale also has an additional 7 years of senior IT management experience and worked as a CTO for a popular ISP provider. Dale's expertise is in explaining difficult concepts and ensuring his students have an actionable knowledge of the course material. Straddling the line of fun and function, Dale's instruction is memorable and entertaining. Dale's knowl... more

See more courses by Dale Meredith

Ready to upskill? Get started

Contact Sales

Preparing for and Executing Incident Recovery

What you'll learn

Table of contents

About the author

Ready to skill up
your entire team?

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Ready to skill up
your entire team?

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Support

Community

Company

Industries

Newsletter

Contact Sales

Preparing for and Executing Incident Recovery

What you'll learn

Table of contents

About the author

Get access now

Ready to skill upyour entire team?

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Ready to skill upyour entire team?

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Support

Community

Company

Industries

Newsletter

Ready to skill up
your entire team?

Ready to skill up
your entire team?