- Course
Incident Response: Containment, Eradication and Recovery
Walking into an incident response situation can be intimidating. This course will teach you how to leverage the information gained from network and host analysis to limit the impact of the incident, and root out an attacker from your environment.
Intermediate
- Course
Incident Response: Containment, Eradication and Recovery
Walking into an incident response situation can be intimidating. This course will teach you how to leverage the information gained from network and host analysis to limit the impact of the incident, and root out an attacker from your environment.
Intermediate
Get started today
Access this course and other top-rated tech content with one of our business plans.
Try this course for free
Access this course and other top-rated tech content with one of our individual plans.
This course is included in the libraries shown below:
- Security
What you'll learn
In an incident response scenario, it’s hard to know where to start. In this course, Incident Response: Detection and Analysis, you’ll learn to how to accomplish the first phase of an incident response scenario, the initial detection and analysis. First, you’ll validate and confirm that a reported event is, indeed, a security incident. Next, you’ll collect initial triage data used for developing IOC detections. Finally, you’ll learn how to assess and gather network event and host data for deeper analysis. When you’re finished with this course, you’ll have answered some initial, and critical, questions around the event, as well as come up with a lot more based on the collected triage data collected, and be able to move into the next phase of incident response.
Incident Response: Containment, Eradication and Recovery
Intermediate
Table of contents
Aaron M. Rosenmund is a cyber security operations subject matter expert, with a background in federal and business defensive and offensive cyber operations and system automation.