• Online, Self-Paced
Course Description

To best support a digital forensic investigation, incident response teams need to be aware of the various incident response plans and processes available to them. In this CompTIA Security+ SY0-601 course, you'll start by exploring various incident response exercises, such as tabletop sessions, walkthroughs, and simulations. Then, you'll outline three fundamental attack frameworks: MITRE, the Diamond Model of Intrusion Analysis, and the Cyber Kill Chain.

Next, you'll examine different types of incident response plans, including communication plans, disaster recovery plans, business continuity plans, and continuity of operation planning (COOP). You'll then identify key aspects of digital forensics, such as documentation/evidence, acquisition and integrity maintenance, preservation, e-discovery, data recovery, non-repudiation, and strategic intelligence and counterintelligence. Lastly, you'll outline how to use appropriate digital forensic data sources to support an investigation.

Learning Objectives

  • Discover the key concepts covered in this course

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Investigation
  • Cyber Operational Planning
  • Cyber Operations
  • Cybersecurity Management
  • Digital Forensics
  • Executive Cyber Leadership
  • Incident Response
  • Systems Development
  • Threat Analysis
  • Vulnerability Assessment and Management

Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.