• Online, Instructor-Led

This course provides an explanation of root cause analysis for cyber security incidents and an overview of two different root cause analysis models (and approaches used in these models). The course also describes how root cause analysis can benefit other incident management processes (response, prevention, and detection), and details general root cause analysis techniques that can be adopted as methods for analysis of cyber incidents.

Learning Objectives

  • Recognize the different approaches, methods and techniques available for conducting root cause analysis;
  • Identify how root cause cause analysis can benefit other processes and activities in the overall incident management overflow;
  • Explain when, why, and how to do root cause analysis;
  • Differentiate between presented industry analysis diagrams and taxonomies

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.