• Classroom
  • Online, Instructor-Led
Course Description

This course covers the duties of those who are responsible for monitoring and detecting security incidents in information systems and networks, and for executing a proper response to such incidents. Depending on the size of the organization, this individual may act alone or may be a member of a cybersecurity incident response team (CSIRT). The course introduces tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate the organization's security, collect and analyze cybersecurity intelligence, and handle incidents as they occur. Ultimately, the course promotes a comprehensive approach to security aimed toward those on the front lines of defense.

Learning Objectives

Assessing Information Security Risk Identify the Importance of Risk Management Assess Risk Mitigate Risk Integrate Documentation into Risk Management Creating an Information Assurance Lifecycle Process Evaluate Information Assurance Lifecycle Models Align Information Security Operations to the Information Assurance Lifecycle Align Information Assurance and Compliance Regulations Analyzing Threats to Computing and Network Environments Identify Threat Analysis Models Assess the Impact of Reconnaissance Incidents Assess the Impact of Systems Hacking Attacks Assess the Impact of Malware Assess the Impact of Hijacking and Impersonation Attacks Assess the Impact of Denial of Service Incidents Assess the Impact of Threats to Mobile Infrastructure Assess the Impact of Threats to Cloud Infrastructures Designing Secure Computing and Network Environments Information Security Architecture Design Principles Design Access Control Mechanisms Design Cryptographic Security Controls Design Application Security Design Computing Systems Security Design Network Security Operating Secure Computing and Network Environments Implement Change Management in Security Operations Implement Monitoring in Security Operations Test and Evaluate Information Assurance Architectures Assessing the Security Posture Within a Risk Management Framework Deploy a Vulnerability Assessment and Management Platform Conduct Vulnerability Assessments Conduct Penetration Tests on Network Assets Analyze and Report Penetration Test Results Collecting Cybersecurity Intelligence Information Deploy a Security Intelligence Collection and Analysis Platform Collect Data from Security Intelligence Sources Establish Baselines and Make Sense of Collected Data Analyzing Cybersecurity Intelligence Information Analyze Security Intelligence to Address Incidents Incorporate Security Intelligence and Event Management Deploy an Incident Handling and Response Architecture Perform Real-Time Incident Handling Tasks Prepare for Forensic Investigation Investigating Cybersecurity Incidents Create a Forensics Investigation Plan

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Investigation
  • Cybersecurity Management
  • Threat Analysis
  • Vulnerability Assessment and Management