Incident Response

Author: Aaron Rosenmund

Incident Response is a core skill path for incident responders working the hands-on-keyboard, technical aspects of a reported security incident. The target audience for this path...

What you will learn:

This skill path works through the methodological phases of incident response. These phases consist of:

  • Initial analysis and detection of a security event
  • Collecting data and containment of the threat
  • Full network and host analysis to identify root cause
  • Post incident activity, including remediation and recovery

Pre-requisites

It is strongly recommended that you have a solid understanding of security and networking fundamentals. This skill path should be viewed as a continuation, or next level of learning, from our Security Event Triage skill path.

Incident Response: Detection and Analysis

by Aaron Rosenmund

Dec 16, 2021 / 2h 19m

Description

In an incident response scenario, it’s hard to know where to start. In this course, Incident Response: Detection and Analysis, you’ll learn how to accomplish the first phase of an incident response scenario: the initial detection and analysis. First, you’ll validate and confirm that a reported event is, indeed, a security incident. Next, you’ll collect initial triage data used for developing IOC detections. Finally, you’ll learn how to assess and gather network event and host data for deeper analysis. When you’re finished with this course, you’ll have answered some initial, and critical, questions around the event, as well as come up with a lot more based on the collected triage data, and be able to move into the next phase of incident response.

Table of contents
  1. Course Overview
  2. Incidents and Response Teams with a Dash of Dark Energy
  3. Preparation
  4. Detection and Analysis
  5. Intel
  6. Collect Host Data
  7. Collect Network Data

Incident Response: Host Analysis

by Pluralsight

Coming Soon

Incident Response: Network Analysis

by Brandon DeVault

Coming Soon

Incident Response: Containment, Eradication and Recovery

by Pluralsight

Coming Soon

Incident Response

  • Number of courses: 4 courses
  • Duration: 2 hours

Incident Response is a core skill path for incident responders working the hands-on-keyboard, technical aspects of a reported security incident. The target audience for this path is practitioners at entry level to two years of experience in the field.

These courses will take you through a full, adrenaline-filled scenario in which the international conglomerate Globomantics has reportedly been hit with ransomware! Be prepared for the roller-coaster ride of incident response as we assess and analyze the threat and remediate their systems.
