• Online, Self-Paced
Course Description

Most companies have a difficult time finding and hiring qualified Incident Response (IR) analysts. For that matter, many who make their way into this hands-on security profession lack a solid foundation. In this course, Hands-On Incident Response Fundamentals, you'll be prepared to take on the task of IR by being presented with the core principles associated with the field. First, you'll learn to differentiate between commodity and Advanced Persistent Threat attack groups. Next, you'll discover how to review alerts and log files and how to recognize common character encodings and carrier files. Finally, you'll cover how to use a hex editor effectively and work with indicators of compromise. By the end of this course, you'll be ready to take on the task of responding to events and incidents alike. Strong IR analysts must have a strong foundation, and that's exactly what this course intends to provide you.

Learning Objectives

  • Incident Response
  • The Nature of the Threat: Why Are We Here?
  • Common IR Tasks
  • Analyzing Files: Character Encodings, Carrier Files, and Hex Editors
  • Proactive IR: Intelligence, Indicators of Compromise, and Hunting

Framework Connections

The materials within this course focus on the Knowledge, Skills, and Abilities (KSAs) identified within the Specialty Areas listed below.