In this course, you'll review NIST 800-86 to learn basic forensic techniques for incident response. You'll examine the management concepts that need to be known and addressed in a security policy. Finally, you'll explore the relationship between metrics and scope analysis in a SOC. This course is one of a collection that prepares learners for the 200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.
Learning Objectives
- Recognize the phases of the forensics process
- Identify the NIST publication that contains forensics techniques that can be integrated into incident response
- Recognize the steps to collecting evidence on a system when performing a computer forensics investigation
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Cyber Operational Planning
- Cyber Operations
- Cybersecurity Management
- Digital Forensics
- Executive Cyber Leadership
- Incident Response
- Network Services
- Risk Management
- Threat Analysis
Feedback
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.