• Online, Self-Paced
Course Description

This course focuses on the type and nature of work the CSIRTs may be expected to handle. It provides an overview of the incident response field, including the nature of incident response activities and an overview of the incident handling processes. The course focuses on foundation material, staffing issues, incident management processes, and other issues such as working with law enforcement, insider threat, and publishing information.

Learning Objectives

  • Provide an overview of the incident response arena, the nature of incident response activities, and incident handling processes.
  • Guide learners to understand technical issues from a management perspective, problems and pitfalls to avoid, and best practices where applicable.
  • Emphasize the importance of CSIRT management predefined policies and procedures.
  • Discuss what is needed to operate an effective CSIRT.

Framework Connections

Specialty Areas

  • All-Source Analysis
  • Threat Analysis
  • Cyber Investigation

Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.