This course provides students with the background and skills to manage information security incidents to minimize impact on business operations. Topics include detection, investigation, and response to different types of security incidents. Students explore these topics by developing incident response plans; utilizing industry-standard processes and tools for investigating information security incidents; and recommending processes for incident response that adhere to legal, regulatory, and organizational compliance. Students who have completed the course have a comprehensive view of cybersecurity incident detection and response.
By the end of this course, the student will be able to:
- Create a cyber response plan and a business continuity plan using the NIST framework.
- Utilize the cyber kill chain to aid in the response and recovery effort.
- Develop an Incident Response Plan that mitigates business impacts from a cyber attack.
- Integrate an Incident Response Plan into the Business Continuity Plan.